class Lux::Current::Session

Config vars: Lux.config.session_cookie_name, Lux.config.session_cookie_max_age, Lux.config.session_cookie_domain

Public Class Methods

new(request)
# File lib/lux/current/lib/session.rb, line 7
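def initialize request
  # Number of seconds a session stays usable after the client fingerprint
  # (IP + User-Agent) changes; read by security_check. Defaults to 10 minutes.
  Lux.config.session_forced_validity ||= 10.minutes.to_i

  # Name of the session cookie: the configured value, or 'lux_' followed by the
  # first 4 characters of Crypt.sha1(Lux.config.secret).
  # NOTE(review): the derived default puts a fragment of a hash of the
  # application secret into the cookie name; setting session_cookie_name
  # explicitly avoids disclosing it.
  @cookie_name = Lux.config.session_cookie_name ||= 'lux_' + Crypt.sha1(Lux.config.secret)[0,4].downcase
  @request     = request

  # The cookie value is client-controlled. Anything that fails to decrypt or
  # parse, and any JSON value that is not an object, yields an empty session so
  # that security_check and the accessors always operate on a Hash.
  # NOTE(review): integrity of the session rests entirely on Crypt.decrypt
  # rejecting tampered ciphertext - confirm it uses authenticated encryption.
  raw_cookie = request.cookies[@cookie_name]
  @session =
    begin
      parsed = raw_cookie ? JSON.parse(Crypt.decrypt(raw_cookie)) : {}
      parsed.is_a?(Hash) ? parsed : {}
    rescue StandardError
      {}
    end

  security_check
end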

Public Instance Methods

[](key)
# File lib/lux/current/lib/session.rb, line 19
def [] key
  # Keys are stored as lower-case strings, so symbols and mixed-case names
  # resolve to the same entry. Returns nil when the entry is absent.
  normalized = key.to_s.downcase
  @session[normalized]
end
[]=(key, value)
# File lib/lux/current/lib/session.rb, line 23
def []= key, value
  # Stores value under the lower-cased string form of key and returns value.
  # No key is reserved here: writing '_c' replaces the fingerprint entry that
  # security_check maintains, so callers should not pass untrusted key names.
  normalized = key.to_s.downcase
  @session[normalized] = value
end
delete(key)
# File lib/lux/current/lib/session.rb, line 27
def delete key
  # Removes the entry stored under the lower-cased string form of key and
  # returns its value (nil when there was no such entry).
  normalized = key.to_s.downcase
  @session.delete(normalized)
end
hash()
# File lib/lux/current/lib/session.rb, line 53
def hash
  # Returns a shallow copy of the session data, including the internal '_c'
  # entry written by security_check. Nested values are shared with the live
  # session, only the top-level Hash is duplicated.
  # NOTE(review): this overrides Object#hash, which is expected to return an
  # Integer; instances of this class should not be used as Hash keys.
  snapshot = @session.dup
  snapshot
end
merge!(hash={})
# File lib/lux/current/lib/session.rb, line 49
def merge! hash={}
  # Copies every entry of the given Hash into the session through []=, so
  # keys are normalized the same way as single assignments. Returns the
  # array of the given Hash's keys.
  # Inside this method `hash` is the parameter, not the #hash method.
  # Keys are not filtered: a supplied '_c' entry replaces the fingerprint
  # entry maintained by security_check, so do not merge request parameters
  # wholesale.
  names = hash.keys
  names.each do |name|
    self[name] = hash[name]
  end
end

Private Instance Methods

security_check()
# File lib/lux/current/lib/session.rb, line 59
def security_check
  # Soft-binds the session to the client. The '_c' entry holds
  # [fingerprint, unix_time_of_last_request], where the fingerprint is the
  # first 5 characters of Crypt.sha1(ip + user agent).
  #
  # Limits of this check, as written:
  # * The session is discarded only when the fingerprint differs AND the stored
  #   time stamp is older than Lux.config.session_forced_validity. A cookie
  #   presented from a different client inside that window is accepted and
  #   re-stamped with the new fingerprint.
  # * A session without a valid '_c' entry is accepted and stamped, not reset.
  # * The User-Agent header is supplied by the client, so it adds little
  #   binding strength on its own.
  key        = '_c'
  client_ip  = @request.ip.to_s
  user_agent = @request.env['HTTP_USER_AGENT'].to_s
  check      = Crypt.sha1(client_ip + user_agent)[0, 5]

  # the entry must be exactly an Array, anything else is dropped
  @session.delete(key) unless @session[key].instance_of?(Array)

  # fingerprint changed and the grace period since the last request is over
  stamp = @session[key]
  if stamp && stamp[0] != check && stamp[1].to_i < Time.now.to_i - Lux.config.session_forced_validity
    @session = {}
  end

  # refresh fingerprint and time stamp on every request
  @session[key] = [check, Time.now.to_i]
end