From 7d8e3721aea71315b0ef8e66cdc2ede0fe6ffc2a Mon Sep 17 00:00:00 2001
From: "Akihiko Odaki (@fn_aki@pawoo.net)"
Date: Wed, 28 Jun 2017 21:50:23 +0900
Subject: Overwrite old statuses with reblogs in PrecomputeFeedService (#3984)
---
 spec/rails_helper.rb | 6 ++++++
 1 file changed, 6 insertions(+)
(limited to 'spec/rails_helper.rb')
diff --git a/spec/rails_helper.rb b/spec/rails_helper.rb
index cfc9eec9e..9a4c8fd3c 100644
--- a/spec/rails_helper.rb
+++ b/spec/rails_helper.rb
@@ -13,6 +13,7 @@ Dir[Rails.root.join('spec/support/**/*.rb')].each { |f| require f }
 ActiveRecord::Migration.maintain_test_schema!
 WebMock.disable_net_connect!
+Redis.current = Redis::Namespace.new("mastodon_test#{ENV['TEST_ENV_NUMBER']}", redis: Redis.current)
 Sidekiq::Testing.inline!
 Sidekiq::Logging.logger = nil
@@ -43,6 +44,11 @@ RSpec.configure do |config|
 https = ENV['LOCAL_HTTPS'] == 'true'
 Capybara.app_host = "http#{https ? 's' : ''}://#{ENV.fetch('LOCAL_DOMAIN')}"
 end
+
+ config.after :each do
+ keys = Redis.current.keys
+ Redis.current.del(keys) if keys.any?
+ end
 end
 RSpec::Sidekiq.configure do |config|
-- cgit
From 00df69bc89f1b5ffdf290bde8359b3854e2b1395 Mon Sep 17 00:00:00 2001
From: Eugen Rochko
Date: Fri, 7 Jul 2017 23:25:15 +0200
Subject: Fix #4058 - Use a long-lived cookie to keep track of user-level sessions (#4091)
* Fix #4058 - Use a long-lived cookie to keep track of user-level sessions
* Fix tests, smooth migrate from previous session-based identifier
---
 app/controllers/application_controller.rb | 2 +-
 config/initializers/devise.rb | 20 ++++++++++++++++----
 spec/rails_helper.rb | 11 ++++++++---
 3 files changed, 25 insertions(+), 8 deletions(-)
(limited to 'spec/rails_helper.rb')
diff --git a/app/controllers/application_controller.rb b/app/controllers/application_controller.rb
index 865fcd125..b3c2db02b 100644
--- a/app/controllers/application_controller.rb
+++ b/app/controllers/application_controller.rb
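Review bot: The `config.after :each` hook in spec/rails_helper.rb deletes every key that `Redis.current.keys` returns, so it is only safe while `Redis.current` is the `Redis::Namespace` wrapper assigned in the first hunk of this file. If that assignment is dropped, or a spec swaps `Redis.current` for a plain client, the hook would empty whatever Redis database the test environment points at, which may be shared with development. I would start the hook body with `next unless Redis.current.is_a?(Redis::Namespace)` and add the comment `# Only clears keys under the mastodon_test namespace set above`. The enclosing `RSpec.configure` block starts outside the hunk.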
@@ -70,7 +70,7 @@ class ApplicationController < ActionController::Base
 end
 def current_session
- @current_session ||= SessionActivation.find_by(session_id: session['auth_id'])
+ @current_session ||= SessionActivation.find_by(session_id: cookies.signed['_session_id'])
 end
 def cache_collection(raw, klass)
diff --git a/config/initializers/devise.rb b/config/initializers/devise.rb
index d51471d30..bf61ea0ea 100644
--- a/config/initializers/devise.rb
+++ b/config/initializers/devise.rb
@@ -1,17 +1,29 @@
 Warden::Manager.after_set_user except: :fetch do |user, warden|
- SessionActivation.deactivate warden.raw_session['auth_id']
- warden.raw_session['auth_id'] = user.activate_session(warden.request)
+ SessionActivation.deactivate warden.cookies.signed['_session_id']
+
+ warden.cookies.signed['_session_id'] = {
+ value: user.activate_session(warden.request),
+ expires: 1.year.from_now,
+ httponly: true,
+ }
 end
 Warden::Manager.after_fetch do |user, warden|
- unless user.session_active?(warden.raw_session['auth_id'])
+ if user.session_active?(warden.cookies.signed['_session_id'] || warden.raw_session['auth_id'])
+ warden.cookies.signed['_session_id'] = {
+ value: warden.cookies.signed['_session_id'] || warden.raw_session['auth_id'],
+ expires: 1.year.from_now,
+ httponly: true,
+ }
+ else
 warden.logout
 throw :warden, message: :unauthenticated
 end
 end
 Warden::Manager.before_logout do |_, warden|
- SessionActivation.deactivate warden.raw_session['auth_id']
+ SessionActivation.deactivate warden.cookies.signed['_session_id']
+ warden.cookies.delete('_session_id')
 end
 Devise.setup do |config|
diff --git a/spec/rails_helper.rb b/spec/rails_helper.rb
index 9a4c8fd3c..4f7399505 100644
--- a/spec/rails_helper.rb
+++ b/spec/rails_helper.rb
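Review bot: `current_session` in app/controllers/application_controller.rb now reads only `cookies.signed['_session_id']`, while the fallback to the legacy `session['auth_id']` exists solely in the `after_fetch` hook in config/initializers/devise.rb. A caller that reaches `current_session` before Warden has fetched the user on a not-yet-migrated session would presumably get `nil`; that ordering dependency deserves a comment above the method, for example `# _session_id is written by the Warden hooks in config/initializers/devise.rb, which also migrate the old session['auth_id']`. When the cookie is absent the lookup also runs as `find_by(session_id: nil)` on every call, because `||=` does not memoize `nil`; `return if cookies.signed['_session_id'].blank?` as the first line would avoid that.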
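Review bot: Both cookie hashes written in config/initializers/devise.rb (in `after_set_user` and in `after_fetch`) set `httponly: true` and a one-year expiry but no `secure` flag, so unless TLS-only cookies are enforced elsewhere in the app, this long-lived session identifier would also be sent on plain-HTTP requests to the same host. Adding `secure: ENV['LOCAL_HTTPS'] == 'true',` to each hash would tie it to the HTTPS setting that spec/rails_helper.rb already reads. The same hash is copied a third time in the `sign_in` test helper in spec/rails_helper.rb, so a single helper or constant for the options would keep the flags from drifting between the three places. `after_fetch` also re-issues the cookie on every authenticated request, which makes the one-year lifetime sliding rather than absolute; if that is intended, a comment saying so would help.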
@@ -20,11 +20,16 @@ Sidekiq::Logging.logger = nil
 Devise::Test::ControllerHelpers.module_eval do
 alias_method :original_sign_in, :sign_in
- def sign_in(resource, deprecated = nil, scope: nil)
+ def sign_in(resource, _deprecated = nil, scope: nil)
 original_sign_in(resource, scope: scope)
- SessionActivation.deactivate warden.raw_session["auth_id"]
- warden.raw_session["auth_id"] = resource.activate_session(warden.request)
+ SessionActivation.deactivate warden.cookies.signed['_session_id']
+
+ warden.cookies.signed['_session_id'] = {
+ value: resource.activate_session(warden.request),
+ expires: 1.year.from_now,
+ httponly: true,
+ }
 end
 end
-- cgit