Class: Rage::Session

Inherits:
Object
Defined in:
lib/rage/session.rb

Overview

Sessions securely store data between requests using cookies and are typically one of the most convenient and secure authentication mechanisms for browser-based clients.

Rage sessions are encrypted using a secret key. This prevents clients from reading or tampering with session data.

Setup

  1. Add the required gems to your Gemfile:

    bundle add base64 domain_name rbnacl
    
  2. Generate a secret key base (keep this value private and out of version control):

    ruby -r securerandom -e 'puts SecureRandom.hex(64)'
    
  3. Configure your application to use the generated key, either via configuration:

    Rage.configure do |config|
      config.secret_key_base = "my-secret-key"
    end
    

    or via the SECRET_KEY_BASE environment variable:

    export SECRET_KEY_BASE="my-secret-key"
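
A boot-time guard for steps 2 and 3, so the application refuses to start with a missing, placeholder or short key. This is an added example, not code from Rage: the helper names, the placeholder list and the thresholds are assumptions made for illustration, and only `Rage.configure` and `config.secret_key_base` come from the steps above.

```ruby
require "securerandom"

# Placeholder values that must never reach production; "my-secret-key" is the
# sample value used in the setup steps above, the others are assumed examples.
PLACEHOLDER_SECRETS = ["my-secret-key", "changeme", "secret"].freeze

# SecureRandom.hex(64) yields 64 random bytes written as 128 hex characters.
EXPECTED_HEX_LENGTH = 128

# Returns a list of problems with a candidate secret_key_base (empty = usable).
# Hypothetical helper for this example; not part of Rage.
def secret_key_base_problems(value)
  return ["not set"] if value.nil? || value.strip.empty?

  problems = []
  problems << "is a documentation placeholder" if PLACEHOLDER_SECRETS.include?(value.strip.downcase)
  problems << "shorter than #{EXPECTED_HEX_LENGTH} characters" if value.length < EXPECTED_HEX_LENGTH
  problems << "not a hex string as produced by SecureRandom.hex" unless value.match?(/\A\h+\z/)
  problems << "too few distinct characters to be random" if value.chars.uniq.size < 8
  problems
end

# Reads the secret from the environment and aborts boot when it is unusable.
# The error message names the problems only and never echoes the secret.
def load_secret_key_base!(env = ENV)
  value = env["SECRET_KEY_BASE"]
  problems = secret_key_base_problems(value)
  raise ArgumentError, "SECRET_KEY_BASE #{problems.join('; ')}" unless problems.empty?

  value
end

# Wire it into the configuration only when Rage is loaded, so this file also
# runs stand-alone.
if defined?(Rage) && Rage.respond_to?(:configure)
  Rage.configure { |config| config.secret_key_base = load_secret_key_base! }
end
```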
    

System Dependencies

Rage sessions use libsodium (via RbNaCl) for encryption. On many Debian-based systems it is installed by default; if not, install it with:

  • Ubuntu / Debian:

    sudo apt install libsodium23
    
  • Fedora / RHEL / Amazon Linux:

    sudo yum install libsodium
    
  • macOS (using Homebrew):

    brew install libsodium
    

Instance Method Summary

Instance Method Details

#[](key) ⇒ Object

Returns the value of the key stored in the session or nil if the given key is not found.

Parameters:

  • key (Symbol)


# File 'lib/rage/session.rb', line 84

def [](key)
  read_session[key]
end

#[]=(key, value) ⇒ Object

Writes the value to the session.

Parameters:

  • key (Symbol)
  • value (String)


# File 'lib/rage/session.rb', line 77

def []=(key, value)
  write_session(add: { key => value })
end

#clear ⇒ Object

Clears the session.



# File 'lib/rage/session.rb', line 108

def clear
  write_session(clear: true)
end

#delete(key) ⇒ Object

Deletes the given key from the session.

Parameters:

  • key (Symbol)


# File 'lib/rage/session.rb', line 103

def delete(key)
  write_session(remove: key)
end

#dig(*keys) ⇒ Object



# File 'lib/rage/session.rb', line 135

def dig(*keys)
  read_session.dig(*keys)
end

#each(&block) ⇒ Object



# File 'lib/rage/session.rb', line 131

def each(&block)
  read_session.each(&block)
end

#empty? ⇒ Boolean

Returns:

  • (Boolean)


# File 'lib/rage/session.rb', line 119

def empty?
  read_session.empty?
end

#fetch(key, default = nil, &block) ⇒ Object

Returns the value of the given key from the session, or raises KeyError if the given key is not found and no default value is set. Returns the default value if specified.

Parameters:

  • key (Symbol)


# File 'lib/rage/session.rb', line 92

def fetch(key, default = nil, &block)
  if default.nil?
    read_session.fetch(key, &block)
  else
    read_session.fetch(key, default, &block)
  end
end

#has_key?(key) ⇒ Boolean Also known as: key?, include?

Returns true if the given key is present in the session.

Returns:

  • (Boolean)


# File 'lib/rage/session.rb', line 124

def has_key?(key)
  read_session.has_key?(key)
end

#inspect ⇒ Object



# File 'lib/rage/session.rb', line 139

def inspect
  "#<#{self.class.name} @session=#{to_h.inspect}"
end

#to_hash ⇒ Object Also known as: to_h

Returns the session as Hash.



# File 'lib/rage/session.rb', line 113

def to_hash
  read_session
end