Railsのカスタムセッションストア

by Koichiro Okubo

Slide 1

Slide 1 text

3BJMTͷΧελϜηογϣϯετΞ

Slide 2

Slide 2 text

2 ࣗݾ঺հ k-okubo ɾPerl Ͱ CGI ॻ͍ͨΓɺ ɾSIer ͰϝΠϯϑϨʔϜ৮ͬͨΓɺ ɾιγϟή։ൃͰ Java/C++ ͨ͠Γͯ͠ɺ ɾ1݄ʹαʔόαΠυΤϯδχΞͱͯ͠ ɹFablic ʹೖࣾ

Slide 3

Slide 3 text

3 ࠓ೔࿩͢͜ͱ 2ͭͷRailsΞϓϦέʔγϣϯؒͰ ηογϣϯ৘ใΛڞ༗Խͨ͠࿩

Slide 4

Slide 4 text

4 ݩʑͷηογϣϯઃఆ GSJMKQ ओʹ1$޲͚αΠτ Set-Cookie: _fril_user_session=… ҉߸Խ͋Γ CBTFॻ͖ग़͠ XFCGSJMKQ औҾϖʔδ ϞόΠϧ͔Β΋ΞΫηε Set-Cookie: _fril_web_session=… ҉߸Խͳ͠ CBTFॻ͖ग़͠

Slide 5

Slide 5 text

5 w ڞ௨ͷηογϣϯΛ࢖͍͍ͨ w มߋ͢Δʹ͋ͨͬͯڧ੍ϩάΞ΢τ͸ىͨ͘͜͠ͳ͍ w υϝΠϯຖʹผʑͷηογϣϯ w ॻ͖ग़͠ํ๏΋ҟͳΔ ϩάΠϯ৘ใͷड͚౉͕͠Կ͔ͱෆศ Ұ෦ηΩϡϦςΟతͳ໰୊΋ࢦఠ͞Ε͍ͯͨ ݩʑͷηογϣϯઃఆ

Slide 6

Slide 6 text

6 ηογϣϯΛڞ༗Խͭͭ͠ɺ ݹ͍CookieΛ౉͞Εͯ΋ฏؾͳΑ͏ʹ͢Δ

Slide 7

Slide 7 text

7 ݩʑͷηογϣϯઃఆ GSJMKQ ओʹ1$޲͚αΠτ Set-Cookie: _fril_user_session=… ҉߸Խ͋Γ CBTFॻ͖ग़͠ XFCGSJMKQ औҾϖʔδ ϞόΠϧ͔Β΋ΞΫηε Set-Cookie: _fril_web_session=… ҉߸Խͳ͠ CBTFॻ͖ग़͠

Slide 8

Slide 8 text

8 ηογϣϯઃఆ (Ҡߦظؒத) GSJMKQ ओʹ1$޲͚αΠτ Set-Cookie: _fril_user_session=… ҉߸Խ͋Γ CBTFॻ͖ग़͠ XFCGSJMKQ औҾϖʔδ ϞόΠϧ͔Β΋ΞΫηε Set-Cookie: _fril_user_session=… ҉߸Խ͋Γ CBTFॻ͖ग़͠ ͨͩ͠ Cookie:_fril_web_session Λ౉͞Εͯ΋ಈ͘Α͏ʹ

Slide 9

Slide 9 text

9 w σϑΥϧτ͸DPPLJF@TUPSF w ΧελϜηογϣϯετΞΛࢦఆ͢Δ͜ͱ΋Մೳ w $PPLJF4UPSFΛ֦ுͯ͠ηογϣϯΛڞ௨Խ͠Α͏ Rails.application.config.session_store( :cookie_store, key: ‘_myapp_session’ ) ηογϣϯετΞͷઃఆ

Slide 10

Slide 10 text

10 w3BDL.JEEMFXBSFͱͯ͠ಈ࡞ wΞϓϦέʔγϣϯίʔυதͰTFTTJPOʹΞΫηε͕͋ΔͱMPBE@TFTTJPO͕ݺ͹ΕΔ wSFRVFTUͷ࠷ޙʹDPNNJU@TFTTJPO͢Δ class CookieStore < Rack::Session::Abstract::ID ... end class Rack::Session::Abstract::ID def call(env) context(env) end def context(env, app=@app) prepare_session(env) status, headers, body = app.call(env) commit_session(env, status, headers, body) end end CookieStore ͷ࣮૷Λ೷͘

Slide 11

Slide 11 text

11 ͍ͭ͜Λ֦ு͢Δ

Slide 12

Slide 12 text

12 def get_cookie(env) cookie_jar(env)[@key] end ηογϣϯͷಡΈࠐΈ෦෼ CFGPSF w MPBE@TFTTJPO͔Βݺ͹ΕΔ w $PPLJF͔Βηογϣϯ৘ใΛߏங͢Δ

Slide 13

Slide 13 text

13 def get_cookie(env) jar = cookie_jar(env) if jar.key?(@key) jar.encrypted[@key] else jar.signed[@old_key] end end ηογϣϯͷಡΈࠐΈ෦෼ BGUFS w ৽LFZͷ$PPLJF͕͋Ε͹ͦͬͪΛಡΈࠐΈ w ແ͚Ε͹چLFZͰಡΈࠐΈ

Slide 14

Slide 14 text

14 ৽چͲͪΒͷ Cookie ͕དྷͯ΋ ηογϣϯ৘ใΛߏஙՄೳ

Slide 15

Slide 15 text

15 def set_cookie(env, session_id, cookie) cookie_jar(env)[@key] = cookie end ηογϣϯͷॻ͖ग़͠෦෼ CFGPSF w DPNNJU@TFTTJPO͔Βݺ͹ΕΔ w ηογϣϯ৘ใΛγϦΞϥΠζͯ͠$PPLJFʹอଘ

Slide 16

Slide 16 text

16 def set_cookie(env, session_id, cookie) jar = cookie_jar(env) jar.encrypted[@key] = cookie if jar.key?(@old_key) jar.delete(@old_key) end end ηογϣϯͷॻ͖ग़͠෦෼ BGUFS w ৽LFZͰ$PPLJFʹॻ͖ग़͠ w چLFZͷ$PPLJF͸࡟আ

Slide 17

Slide 17 text

17 class CompatibleCookieStore < ActionDispatch::Session::CookieStore def initialize(app, options = {}) super(app, options) @old_key = options[:old_session_key] end def get_cookie(env) jar = cookie_jar(env) if jar.key?(@key) jar.encrypted[@key] else jar.signed[@old_key] end end def set_cookie(env, session_id, cookie) jar = cookie_jar(env) jar.encrypted[@key] = cookie if jar.key?(@old_key) jar.delete(@old_key) end end def cookie_jar(env) request = ActionDispatch::Request.new(env) request.cookie_jar end end Rails.application.config.session_store :compatible_cookie_store, key: '_fril_user_session', expire_after: 1.month, domain: ‘.fril.jp’, old_session_key: '_fril_web_session' શମ૾

Slide 18

Slide 18 text

18 ·ͱΊ w TFTTJPO@TUPSFʹΧελϜΫϥεΛࢦఆ͢Δ͜ͱͰ ॊೈ ͳηογϣϯͷಡΈॻ͖Λ͢Δ͜ͱ͕Ͱ͖Δ w ࠓճ͸৽چ$PPLJFΛಡΊΔΑ͏ʹ͢Δ͜ͱͰڧ੍ϩά Ξ΢τແ͠ͰηογϣϯΛҠߦ͠ ෳ਺ΞϓϦέʔγϣϯ ؒͰηογϣϯͷڞ༗Λ͢Δ͜ͱ͕Ͱ͖ͨ

Slide 19

Slide 19 text

19 ͝੩ௌ͋Γ͕ͱ͏͍͟͝·ͨ͠