Railsのカスタムセッションストア

 Railsのカスタムセッションストア

9db0db6aa6c148db251e4fca1da7633e?s=128

Koichiro Okubo

February 23, 2018
Tweet

Transcript

  1. 3BJMTͷΧελϜηογϣϯετΞ

  2. 2 ࣗݾ঺հ k-okubo ɾPerl Ͱ CGI ॻ͍ͨΓɺ ɾSIer ͰϝΠϯϑϨʔϜ৮ͬͨΓɺ ɾιγϟή։ൃͰ

    Java/C++ ͨ͠Γͯ͠ɺ ɾ1݄ʹαʔόαΠυΤϯδχΞͱͯ͠ ɹFablic ʹೖࣾ
  3. 3 ࠓ೔࿩͢͜ͱ 2ͭͷRailsΞϓϦέʔγϣϯؒͰ ηογϣϯ৘ใΛڞ༗Խͨ͠࿩

  4. 4 ݩʑͷηογϣϯઃఆ GSJMKQ ओʹ1$޲͚αΠτ Set-Cookie: _fril_user_session=… ҉߸Խ͋Γ CBTFॻ͖ग़͠ XFCGSJMKQ औҾϖʔδ

    ϞόΠϧ͔Β΋ΞΫηε Set-Cookie: _fril_web_session=… ҉߸Խͳ͠ CBTFॻ͖ग़͠
  5. 5 w ڞ௨ͷηογϣϯΛ࢖͍͍ͨ w มߋ͢Δʹ͋ͨͬͯڧ੍ϩάΞ΢τ͸ىͨ͘͜͠ͳ͍ w υϝΠϯຖʹผʑͷηογϣϯ w ॻ͖ग़͠ํ๏΋ҟͳΔ ϩάΠϯ৘ใͷड͚౉͕͠Կ͔ͱෆศ

    Ұ෦ηΩϡϦςΟతͳ໰୊΋ࢦఠ͞Ε͍ͯͨ ݩʑͷηογϣϯઃఆ
  6. 6 ηογϣϯΛڞ༗Խͭͭ͠ɺ ݹ͍CookieΛ౉͞Εͯ΋ฏؾͳΑ͏ʹ͢Δ

  7. 7 ݩʑͷηογϣϯઃఆ GSJMKQ ओʹ1$޲͚αΠτ Set-Cookie: _fril_user_session=… ҉߸Խ͋Γ CBTFॻ͖ग़͠ XFCGSJMKQ औҾϖʔδ

    ϞόΠϧ͔Β΋ΞΫηε Set-Cookie: _fril_web_session=… ҉߸Խͳ͠ CBTFॻ͖ग़͠
  8. 8 ηογϣϯઃఆ (Ҡߦظؒத) GSJMKQ ओʹ1$޲͚αΠτ Set-Cookie: _fril_user_session=… ҉߸Խ͋Γ CBTFॻ͖ग़͠ XFCGSJMKQ

    औҾϖʔδ ϞόΠϧ͔Β΋ΞΫηε Set-Cookie: _fril_user_session=… ҉߸Խ͋Γ CBTFॻ͖ग़͠ ͨͩ͠ Cookie:_fril_web_session Λ౉͞Εͯ΋ಈ͘Α͏ʹ
  9. 9 w σϑΥϧτ͸DPPLJF@TUPSF w ΧελϜηογϣϯετΞΛࢦఆ͢Δ͜ͱ΋Մೳ w $PPLJF4UPSFΛ֦ுͯ͠ηογϣϯΛڞ௨Խ͠Α͏ Rails.application.config.session_store( :cookie_store, key:

    ‘_myapp_session’ ) ηογϣϯετΞͷઃఆ
  10. 10 w3BDL.JEEMFXBSFͱͯ͠ಈ࡞ wΞϓϦέʔγϣϯίʔυதͰTFTTJPOʹΞΫηε͕͋ΔͱMPBE@TFTTJPO͕ݺ͹ΕΔ wSFRVFTUͷ࠷ޙʹDPNNJU@TFTTJPO͢Δ class CookieStore < Rack::Session::Abstract::ID ... end

    class Rack::Session::Abstract::ID def call(env) context(env) end def context(env, app=@app) prepare_session(env) status, headers, body = app.call(env) commit_session(env, status, headers, body) end end CookieStore ͷ࣮૷Λ೷͘
  11. 11 ͍ͭ͜Λ֦ு͢Δ

  12. 12 def get_cookie(env) cookie_jar(env)[@key] end ηογϣϯͷಡΈࠐΈ෦෼ CFGPSF w MPBE@TFTTJPO͔Βݺ͹ΕΔ w

    $PPLJF͔Βηογϣϯ৘ใΛߏங͢Δ
  13. 13 def get_cookie(env) jar = cookie_jar(env) if jar.key?(@key) jar.encrypted[@key] else

    jar.signed[@old_key] end end ηογϣϯͷಡΈࠐΈ෦෼ BGUFS w ৽LFZͷ$PPLJF͕͋Ε͹ͦͬͪΛಡΈࠐΈ w ແ͚Ε͹چLFZͰಡΈࠐΈ
  14. 14 ৽چͲͪΒͷ Cookie ͕དྷͯ΋ ηογϣϯ৘ใΛߏஙՄೳ

  15. 15 def set_cookie(env, session_id, cookie) cookie_jar(env)[@key] = cookie end ηογϣϯͷॻ͖ग़͠෦෼

    CFGPSF w DPNNJU@TFTTJPO͔Βݺ͹ΕΔ w ηογϣϯ৘ใΛγϦΞϥΠζͯ͠$PPLJFʹอଘ
  16. 16 def set_cookie(env, session_id, cookie) jar = cookie_jar(env) jar.encrypted[@key] =

    cookie if jar.key?(@old_key) jar.delete(@old_key) end end ηογϣϯͷॻ͖ग़͠෦෼ BGUFS w ৽LFZͰ$PPLJFʹॻ͖ग़͠ w چLFZͷ$PPLJF͸࡟আ
  17. 17 class CompatibleCookieStore < ActionDispatch::Session::CookieStore def initialize(app, options = {})

    super(app, options) @old_key = options[:old_session_key] end def get_cookie(env) jar = cookie_jar(env) if jar.key?(@key) jar.encrypted[@key] else jar.signed[@old_key] end end def set_cookie(env, session_id, cookie) jar = cookie_jar(env) jar.encrypted[@key] = cookie if jar.key?(@old_key) jar.delete(@old_key) end end def cookie_jar(env) request = ActionDispatch::Request.new(env) request.cookie_jar end end Rails.application.config.session_store :compatible_cookie_store, key: '_fril_user_session', expire_after: 1.month, domain: ‘.fril.jp’, old_session_key: '_fril_web_session' શମ૾
  18. 18 ·ͱΊ w TFTTJPO@TUPSFʹΧελϜΫϥεΛࢦఆ͢Δ͜ͱͰ ॊೈ ͳηογϣϯͷಡΈॻ͖Λ͢Δ͜ͱ͕Ͱ͖Δ w ࠓճ͸৽چ$PPLJFΛಡΊΔΑ͏ʹ͢Δ͜ͱͰڧ੍ϩά Ξ΢τແ͠ͰηογϣϯΛҠߦ͠ ෳ਺ΞϓϦέʔγϣϯ

    ؒͰηογϣϯͷڞ༗Λ͢Δ͜ͱ͕Ͱ͖ͨ
  19. 19 ͝੩ௌ͋Γ͕ͱ͏͍͟͝·ͨ͠