rooty/fab-manager
1
0
Fork 0
mirror of https://github.com/LaCasemate/fab-manager.git synced 2025-02-21 15:54:22 +01:00
Code Issues Releases Activity

improvement: adds redis-session-store to store session and improves session security

Browse Source
This commit is contained in:
Nicolas Florentin 2022-07-29 15:28:57 +02:00
parent acbd327f6d
commit 792b899d29
3 changed files with 15 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
Gemfile
View File

@ -144,3 +144,5 @@ gem 'tzinfo-data'
# compilation of dynamic stylesheets (home page & theme) # compilation of dynamic stylesheets (home page & theme)
gem 'sassc', '= 2.1.0' gem 'sassc', '= 2.1.0'
gem 'redis-session-store'

4
Gemfile.lock
View File

@ -351,6 +351,9 @@ GEM
activesupport activesupport
i18n i18n
redis (4.6.0) redis (4.6.0)
redis-session-store (0.11.4)
actionpack (>= 3, < 8)
redis (>= 3, < 5)
regexp_parser (2.5.0) regexp_parser (2.5.0)
repost (0.3.2) repost (0.3.2)
responders (2.4.1) responders (2.4.1)
@ -542,6 +545,7 @@ DEPENDENCIES
rails_12factor rails_12factor
rb-readline rb-readline
recurrence recurrence
redis-session-store
repost repost
responders (~> 2.0) responders (~> 2.0)
rolify rolify

10
config/initializers/session_store.rb
View File

@ -2,6 +2,14 @@
# Be sure to restart your server when you modify this file. # Be sure to restart your server when you modify this file.
Rails.application.config.session_store :cookie_store, redis_host = ENV['REDIS_HOST'] || 'localhost'
Rails.application.config.session_store :redis_session_store,
redis: {
expire_after: 14.days, # cookie expiration
ttl: 14.days, # Redis expiration, defaults to 'expire_after'
key_prefix: 'fabmanager:session:',
url: "redis://#{redis_host}:6379",
},
key: '_Fab-manager_session', key: '_Fab-manager_session',
secure: (Rails.env.production? || Rails.env.staging?) && !Rails.application.secrets.allow_insecure_http secure: (Rails.env.production? || Rails.env.staging?) && !Rails.application.secrets.allow_insecure_http