class Aws::SessionStore::DynamoDB::RackMiddleware

This class is an ID based Session Store Rack Middleware that uses a DynamoDB backend for session storage.

Attributes

config[R]

@return [Configuration] An instance of Configuration that is used for

this middleware.

Public Class Methods

new(app, options = {}) click to toggle source

Initializes SessionStore middleware.

@param app Rack application. @option (see Configuration#initialize) @raise [Aws::DynamoDB::Errors::ResourceNotFoundException] If valid table

name is not provided.

@raise [Aws::SessionStore::DynamoDB::MissingSecretKey] If secret key is

not provided.
Calls superclass method
# File lib/aws/session_store/dynamo_db/rack_middleware.rb, line 21
def initialize(app, options = {})
  super
  @config = Configuration.new(options)
  set_locking_strategy
end

Private Instance Methods

delete_session(req, sid, options) click to toggle source

Destroys session and removes session from database.

@return [String] return a new session id or nil if options

# File lib/aws/session_store/dynamo_db/rack_middleware.rb, line 81
def delete_session(req, sid, options)
  @lock.delete_session(req.env, sid)
  generate_sid unless options[:drop]
end
find_session(req, sid) click to toggle source

Gets session data.

# File lib/aws/session_store/dynamo_db/rack_middleware.rb, line 51
def find_session(req, sid)
  validate_config
  case verify_hmac(sid)
  when nil
    set_new_session_properties(req.env)
  when false
    handle_error { raise InvalidIDError }
    set_new_session_properties(req.env)
  else
    data = @lock.get_session_data(req.env, sid)
    [sid, data || {}]
  end
end
generate_hmac(sid, secret) click to toggle source

Generate HMAC hash based on MD5

# File lib/aws/session_store/dynamo_db/rack_middleware.rb, line 99
def generate_hmac(sid, secret)
  OpenSSL::HMAC.hexdigest(OpenSSL::Digest::MD5.new, secret, sid).strip()
end
generate_sid(secure = @sid_secure) click to toggle source

Generate sid with HMAC hash

Calls superclass method
# File lib/aws/session_store/dynamo_db/rack_middleware.rb, line 104
def generate_sid(secure = @sid_secure)
  sid = super(secure)
  sid = "#{generate_hmac(sid, @config.secret_key)}--" + sid
end
handle_error(env = nil) { || ... } click to toggle source

Each database operation is placed in this rescue wrapper. This wrapper will call the method, rescue any exceptions and then pass exceptions to the configured session handler.

# File lib/aws/session_store/dynamo_db/rack_middleware.rb, line 89
def handle_error(env = nil, &block)
  begin
    yield
  rescue Aws::DynamoDB::Errors::Base,
         Aws::SessionStore::DynamoDB::InvalidIDError => e
    @config.error_handler.handle_error(e, env)
  end
end
set_locking_strategy() click to toggle source

Sets locking strategy for session handler

@return [Locking::Null] If locking is not enabled. @return [Locking::Pessimistic] If locking is enabled.

# File lib/aws/session_store/dynamo_db/rack_middleware.rb, line 33
def set_locking_strategy
  if @config.enable_locking
    @lock = Aws::SessionStore::DynamoDB::Locking::Pessimistic.new(@config)
  else
    @lock = Aws::SessionStore::DynamoDB::Locking::Null.new(@config)
  end
end
set_new_session_properties(env) click to toggle source
# File lib/aws/session_store/dynamo_db/rack_middleware.rb, line 65
def set_new_session_properties(env)
  env['dynamo_db.new_session'] = 'true'
  [generate_sid, {}]
end
validate_config() click to toggle source

Determines if the correct session table name is being used for this application. Also tests existence of secret key.

@raise [Aws::DynamoDB::Errors::ResourceNotFoundException] If wrong table

name.
# File lib/aws/session_store/dynamo_db/rack_middleware.rb, line 46
def validate_config
  raise MissingSecretKeyError unless @config.secret_key
end
verify_hmac(sid) click to toggle source

Verify digest of HMACed hash

@return [true] If the HMAC id has been verified. @return [false] If the HMAC id has been corrupted.

# File lib/aws/session_store/dynamo_db/rack_middleware.rb, line 113
def verify_hmac(sid)
  return unless sid
  digest, ver_sid  = sid.split("--")
  return false unless ver_sid
  digest == generate_hmac(ver_sid, @config.secret_key)
end
write_session(req, sid, session, options) click to toggle source

Sets the session in the database after packing data.

@return [Hash] If session has been saved. @return [false] If session has could not be saved.

# File lib/aws/session_store/dynamo_db/rack_middleware.rb, line 74
def write_session(req, sid, session, options)
  @lock.set_session_data(req.env, sid, session, options)
end