class Aws::SessionStore::DynamoDB::RackMiddleware
This class is an ID based Session Store Rack Middleware that uses a DynamoDB
backend for session storage.
Attributes
@return [Configuration] An instance of Configuration
that is used for
this middleware.
Public Class Methods
Initializes SessionStore
middleware.
@param app Rack application. @option (see Configuration#initialize) @raise [Aws::DynamoDB::Errors::ResourceNotFoundException] If valid table
name is not provided.
@raise [Aws::SessionStore::DynamoDB::MissingSecretKey] If secret key is
not provided.
# File lib/aws/session_store/dynamo_db/rack_middleware.rb, line 21 def initialize(app, options = {}) super @config = Configuration.new(options) set_locking_strategy end
Private Instance Methods
Destroys session and removes session from database.
@return [String] return a new session id or nil if options
# File lib/aws/session_store/dynamo_db/rack_middleware.rb, line 81 def delete_session(req, sid, options) @lock.delete_session(req.env, sid) generate_sid unless options[:drop] end
Gets session data.
# File lib/aws/session_store/dynamo_db/rack_middleware.rb, line 51 def find_session(req, sid) validate_config case verify_hmac(sid) when nil set_new_session_properties(req.env) when false handle_error { raise InvalidIDError } set_new_session_properties(req.env) else data = @lock.get_session_data(req.env, sid) [sid, data || {}] end end
Generate HMAC hash based on MD5
# File lib/aws/session_store/dynamo_db/rack_middleware.rb, line 99 def generate_hmac(sid, secret) OpenSSL::HMAC.hexdigest(OpenSSL::Digest::MD5.new, secret, sid).strip() end
Generate sid with HMAC hash
# File lib/aws/session_store/dynamo_db/rack_middleware.rb, line 104 def generate_sid(secure = @sid_secure) sid = super(secure) sid = "#{generate_hmac(sid, @config.secret_key)}--" + sid end
Each database operation is placed in this rescue wrapper. This wrapper will call the method, rescue any exceptions and then pass exceptions to the configured session handler.
# File lib/aws/session_store/dynamo_db/rack_middleware.rb, line 89 def handle_error(env = nil, &block) begin yield rescue Aws::DynamoDB::Errors::Base, Aws::SessionStore::DynamoDB::InvalidIDError => e @config.error_handler.handle_error(e, env) end end
Sets locking strategy for session handler
@return [Locking::Null] If locking is not enabled. @return [Locking::Pessimistic] If locking is enabled.
# File lib/aws/session_store/dynamo_db/rack_middleware.rb, line 33 def set_locking_strategy if @config.enable_locking @lock = Aws::SessionStore::DynamoDB::Locking::Pessimistic.new(@config) else @lock = Aws::SessionStore::DynamoDB::Locking::Null.new(@config) end end
# File lib/aws/session_store/dynamo_db/rack_middleware.rb, line 65 def set_new_session_properties(env) env['dynamo_db.new_session'] = 'true' [generate_sid, {}] end
Determines if the correct session table name is being used for this application. Also tests existence of secret key.
@raise [Aws::DynamoDB::Errors::ResourceNotFoundException] If wrong table
name.
# File lib/aws/session_store/dynamo_db/rack_middleware.rb, line 46 def validate_config raise MissingSecretKeyError unless @config.secret_key end
Verify digest of HMACed hash
@return [true] If the HMAC id has been verified. @return [false] If the HMAC id has been corrupted.
# File lib/aws/session_store/dynamo_db/rack_middleware.rb, line 113 def verify_hmac(sid) return unless sid digest, ver_sid = sid.split("--") return false unless ver_sid digest == generate_hmac(ver_sid, @config.secret_key) end
Sets the session in the database after packing data.
@return [Hash] If session has been saved. @return [false] If session has could not be saved.
# File lib/aws/session_store/dynamo_db/rack_middleware.rb, line 74 def write_session(req, sid, session, options) @lock.set_session_data(req.env, sid, session, options) end