diff --git a/lib/active_record/session_store/session.rb b/lib/active_record/session_store/session.rb index 3745766..ec26518 100644 --- a/lib/active_record/session_store/session.rb +++ b/lib/active_record/session_store/session.rb @@ -22,40 +22,14 @@ def data_column_size_limit @data_column_size_limit ||= columns_hash[data_column_name].limit end - # Hook to set up sessid compatibility. def find_by_session_id(session_id) - SEMAPHORE.synchronize { setup_sessid_compatibility! } - find_by_session_id(session_id) + where(session_id: session_id).first end private def session_id_column 'session_id' end - - # Compatibility with tables using sessid instead of session_id. - def setup_sessid_compatibility! - # Reset column info since it may be stale. - reset_column_information - if columns_hash['sessid'] - SessionStore.deprecator.warn <<~MSG - Using a session ID column other than `session_id` is deprecated without replacement. You should migrate your session table to use `session_id`. - MSG - - def self.find_by_session_id(session_id) - find_by_sessid(session_id) - end - - define_method(:session_id) { sessid } - define_method(:session_id=) { |session_id| self.sessid = session_id } - else - class << self; remove_possible_method :find_by_session_id; end - - def self.find_by_session_id(session_id) - where(session_id: session_id).first - end - end - end end def initialize(*) @@ -82,17 +56,13 @@ def loaded? # on all existing sessions in the database. Users will not lose their session # when this is done. def secure! - session_id_column = if self.class.columns_hash['sessid'] - :sessid - else - :session_id - end - raw_session_id = read_attribute(session_id_column) + raw_session_id = self.session_id + if ActionDispatch::Session::ActiveRecordStore.private_session_id?(raw_session_id) # is already private, nothing to do else session_id_object = Rack::Session::SessionId.new(raw_session_id) - update_column(session_id_column, session_id_object.private_id) + update_column(:session_id, session_id_object.private_id) end end diff --git a/test/session_test.rb b/test/session_test.rb index 8609bd4..8e003a0 100644 --- a/test/session_test.rb +++ b/test/session_test.rb @@ -82,34 +82,6 @@ def test_hybrid_deserialization assert_equal s.data,Session.deserialize(sessions[0][Session.data_column_name]) end - def test_find_by_sess_id_compat - # Force class reload, as we need to redo the meta-programming - ActiveRecord::SessionStore.send(:remove_const, :Session) - load 'active_record/session_store/session.rb' - - Session.reset_column_information - klass = Class.new(Session) do - def self.session_id_column - 'sessid' - end - end - klass.create_table! - - assert klass.columns_hash['sessid'], 'sessid column exists' - session = klass.new(:data => 'hello') - session.sessid = "100" - session.save! - - found = assert_deprecated(ActiveRecord::SessionStore.deprecator) do - klass.find_by_session_id("100") - end - assert_equal session, found - assert_equal session.sessid, found.session_id - ensure - klass.drop_table! - Session.reset_column_information - end - def test_find_by_session_id Session.create_table! session_id = "10" @@ -140,33 +112,6 @@ def test_session_can_be_secured assert_equal secured, session.reload.read_attribute(:session_id) end - def test_session_can_be_secured_with_sessid_compatibility - # Force class reload, as we need to redo the meta-programming - ActiveRecord::SessionStore.send(:remove_const, :Session) - load 'active_record/session_store/session.rb' - - Session.reset_column_information - klass = Class.new(Session) do - def self.session_id_column - 'sessid' - end - end - klass.create_table! - session_id = 'unsecure' - session = klass.create!(:data => 'world', :sessid => 'foo') - session.update_column(:sessid, session_id) - - assert_equal 'unsecure', session.read_attribute(:sessid) - - session.secure! - - secured = Rack::Session::SessionId.new(session_id).private_id - assert_equal secured, session.reload.read_attribute(:sessid) - ensure - klass.drop_table! - Session.reset_column_information - end - def test_secure_is_idempotent Session.create_table! session_id = 'unsecure'