Module: SessionsHelper
Instance Method Summary
#clear_memoization, #strong_memoize, #strong_memoized?
Instance Method Details
#ensure_authenticated_session_time ⇒ Object
# File 'app/helpers/sessions_helper.rb', line 28
def ensure_authenticated_session_time
  set_session_time(nil)
end
#limit_session_time ⇒ Object
By default, all sessions are given the same expiration time configured in the session store (e.g. 1 week). However, unauthenticated users can generate a lot of sessions, primarily for CSRF verification. It makes sense to reduce the TTL for unauthenticated users to something much lower than the default (e.g. 1 hour) to limit Redis memory usage. In addition, Rails creates a new session after login, so the short TTL doesn't even need to be extended.
# File 'app/helpers/sessions_helper.rb', line 24
def limit_session_time
  set_session_time(Settings.gitlab['unauthenticated_session_expire_delay'])
end
#obfuscated_email(email) ⇒ Object
# File 'app/helpers/sessions_helper.rb', line 47
def obfuscated_email(email)
  regex = ::Gitlab::UntrustedRegexp.new('^(..?)(.*)(@.?)(.*)(\..*)$')
  match = regex.match(email)
  return email unless match

  match[1] + '*' * match[2].length + match[3] + '*' * match[4].length + match[5]
end
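The following is an added example, not part of the GitLab source: it runs the masking logic of `obfuscated_email` over constructed addresses to show which characters stay visible and when nothing is masked. It assumes Ruby's built-in `Regexp` as a stand-in for `::Gitlab::UntrustedRegexp`; the names `obfuscate_email_example` and `obfuscation_report` are hypothetical.

```ruby
# Added illustration, not GitLab source. Assumption: Ruby's built-in Regexp
# stands in for ::Gitlab::UntrustedRegexp, with \A and \z in place of ^ and $
# so the anchors bind to the whole string.
OBFUSCATION_PATTERN = /\A(..?)(.*)(@.?)(.*)(\..*)\z/

# Same masking logic as the helper (hypothetical name).
def obfuscate_email_example(email)
  match = OBFUSCATION_PATTERN.match(email)
  return email unless match # no match: the address comes back unmasked

  match[1] + '*' * match[2].length + match[3] + '*' * match[4].length + match[5]
end

# Summarise what a viewer of the masked value can and cannot see.
def obfuscation_report(email)
  match = OBFUSCATION_PATTERN.match(email)
  hidden = match ? match[2].length + match[4].length : 0
  { output: obfuscate_email_example(email), hidden: hidden, shown: email.length - hidden }
end

# Constructed sample addresses.
SAMPLES = [
  'alice@example.com',       # typical address
  'bob@mail.example.co.uk',  # dots inside the domain are masked too
  'ab@c.io',                 # groups 2 and 4 are empty: nothing is hidden
  'user@localhost'           # no dot after the @: pattern does not match
].freeze

SAMPLES.each do |email|
  report = obfuscation_report(email)
  puts format('%-24s -> %-24s hidden=%d shown=%d',
              email, report[:output], report[:hidden], report[:shown])
end
```

The number of asterisks equals the number of masked characters, so the output also discloses the length of each masked part.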
#recently_confirmed_com? ⇒ Boolean
# File 'app/helpers/sessions_helper.rb', line 6
def recently_confirmed_com?
  strong_memoize(:recently_confirmed_com) do
    ::Gitlab.com? &&
      !!flash[:notice]&.include?(t(:confirmed, scope: [:devise, :confirmations]))
  end
end
#send_rate_limited?(user) ⇒ Boolean
# File 'app/helpers/sessions_helper.rb', line 43
def send_rate_limited?(user)
  Gitlab::ApplicationRateLimiter.peek(:email_verification_code_send, scope: user)
end
#set_session_time(expiry_s) ⇒ Object
# File 'app/helpers/sessions_helper.rb', line 32
def set_session_time(expiry_s)
  return unless request.env['rack.session.options']

  request.env['rack.session.options'][:expire_after] = expiry_s
end
#unconfirmed_email? ⇒ Boolean
# File 'app/helpers/sessions_helper.rb', line 13
def unconfirmed_email?
  flash[:alert] == t(:unconfirmed, scope: [:devise, :failure])
end