Commit f4756e90 authored by nmilojevic1's avatar nmilojevic1 Committed by Nikola Milojevic

Initialize redis stoer and use it for session_store

- Add specs and ENV variable
parent 2b63a368
......@@ -18,16 +18,33 @@ cookie_key = if Rails.env.development?
else
"_gitlab_session"
end
if Gitlab::Utils.to_boolean(ENV['GITLAB_LEGACY_SESSION_STORE'], default: false)
sessions_config = Gitlab::Redis::SharedState.params
sessions_config[:namespace] = Gitlab::Redis::SharedState::SESSION_NAMESPACE
Gitlab::Application.config.session_store(
:redis_store, # Using the cookie_store would enable session replay attacks.
servers: sessions_config,
key: cookie_key,
secure: Gitlab.config.gitlab.https,
httponly: true,
expires_in: Settings.gitlab['session_expire_delay'] * 60,
path: Rails.application.config.relative_url_root.presence || '/'
)
else
store = Gitlab::Redis::SharedState.store(
namespace: Gitlab::Redis::SharedState::SESSION_NAMESPACE
)
Gitlab::Application.config.session_store(
:redis_store, # Using the cookie_store would enable session replay attacks.
redis_store: store,
key: cookie_key,
expires_in: Settings.gitlab['session_expire_delay'] * 60,
httponly: true,
secure: Gitlab.config.gitlab.https
)
end
sessions_config = Gitlab::Redis::SharedState.params
sessions_config[:namespace] = Gitlab::Redis::SharedState::SESSION_NAMESPACE
Gitlab::Application.config.session_store(
:redis_store, # Using the cookie_store would enable session replay attacks.
servers: sessions_config,
key: cookie_key,
secure: Gitlab.config.gitlab.https,
httponly: true,
expires_in: Settings.gitlab['session_expire_delay'] * 60,
path: Rails.application.config.relative_url_root.presence || '/'
)
......@@ -17,7 +17,7 @@ module Gitlab
module Redis
class Wrapper
class << self
delegate :params, :url, to: :new
delegate :params, :url, :store, to: :new
def with
pool.with { |redis| yield redis }
......@@ -126,6 +126,10 @@ module Gitlab
sentinels && !sentinels.empty?
end
def store(extras = {})
::Redis::Store::Factory.create(redis_store_options.merge(extras))
end
private
def redis_store_options
......
# frozen_string_literal: true
require 'spec_helper'
RSpec.describe 'Session initializer for GitLab' do
subject { Gitlab::Application.config }
let(:load_session_store) do
load Rails.root.join('config/initializers/session_store.rb')
end
describe 'config#session_store' do
context 'when the GITLAB_LEGACY_SESSION_STORE env is enabled' do
before do
stub_env('GITLAB_LEGACY_SESSION_STORE', true)
end
it 'returns the regular cookie without a suffix' do
expect(subject).to receive(:session_store).with(:redis_store, a_hash_including(servers: kind_of(Hash)))
load_session_store
end
end
context 'when the GITLAB_LEGACY_SESSION_STORE env is not set' do
before do
stub_env('GITLAB_LEGACY_SESSION_STORE', nil)
end
it 'returns the regular cookie without a suffix' do
expect(subject).to receive(:session_store).with(:redis_store, a_hash_including(redis_store: kind_of(::Redis::Store)))
load_session_store
end
end
end
end
......@@ -87,6 +87,43 @@ RSpec.shared_examples "redis_shared_examples" do
end
end
describe '.store' do
let(:rails_env) { 'development' }
subject { described_class.new(rails_env).store }
shared_examples 'redis store' do
it 'instantiates Redis::Store' do
is_expected.to be_a(::Redis::Store)
expect(subject.to_s).to eq("Redis Client connected to #{host} against DB #{redis_database}")
end
context 'with the namespace' do
let(:namespace) { 'namespace_name' }
subject { described_class.new(rails_env).store(namespace: namespace) }
it "uses specified namespace" do
expect(subject.to_s).to eq("Redis Client connected to #{host} against DB #{redis_database} with namespace #{namespace}")
end
end
end
context 'with old format' do
it_behaves_like 'redis store' do
let(:config_file_name) { config_old_format_host }
let(:host) { "localhost:#{redis_port}" }
end
end
context 'with new format' do
it_behaves_like 'redis store' do
let(:config_file_name) { config_new_format_host }
let(:host) { "development-host:#{redis_port}" }
end
end
end
describe '.params' do
subject { described_class.new(rails_env).params }
......
Markdown is supported
0%
or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment