class Rage::Session


“‘
brew install libsodium
“`bash
- macOS (using Homebrew):
“`
sudo yum install libsodium
“`bash
- Fedora / RHEL / Amazon Linux:
“`
sudo apt install libsodium23
“`bash
- Ubuntu / Debian:
it is installed by default; if not, install it with:
Rage sessions use libsodium (via RbNaCl) for encryption. On many Debian-based systems
## System Dependencies
“`
export SECRET_KEY_BASE=“my-secret-key”
“`bash
or via the `SECRET_KEY_BASE` environment variable:
“`
end
config.secret_key_base = “my-secret-key”
Rage.configure do |config|
“`ruby
3. Configure your application to use the generated key, either via configuration:
“`
ruby -r securerandom -e ’puts SecureRandom.hex(64)‘
“`bash
2. Generate a secret key base (keep this value private and out of version control):
“`
bundle add base64 domain_name rbnacl
“`bash
1. Add the required gems to your `Gemfile`:
## Setup
Rage sessions are encrypted using a secret key. This prevents clients from reading or tampering with session data.
authentication mechanisms for browser-based clients.
Sessions securely store data between requests using cookies and are typically one of the most convenient and secure
#

def self.key

Other tags:
    Private: - 
def self.key
  @key ||= Rage.config.session.key&.to_sym || :"_#{Rage.root.basename.to_s.gsub(/\W/, "_").downcase}_session"
end

def [](key)

Parameters:
  • key (Symbol) -- 
def [](key)
  read_session[key]
end

def []=(key, value)

Parameters:
  • value (String) --
  • key (Symbol) -- 
def []=(key, value)
  write_session(add: { key => value })
end

def clear

Clears the session. 
def clear
  write_session(clear: true)
end

def delete(key)

Parameters:
  • key (Symbol) -- 
def delete(key)
  write_session(remove: key)
end

def dig(*keys) 

def dig(*keys)
  read_session.dig(*keys)
end

def each(&block) 

def each(&block)
  read_session.each(&block)
end

def empty? 

def empty?
  read_session.empty?
end

def fetch(key, default = nil, &block)

Parameters:
  • key (Symbol) -- 
def fetch(key, default = nil, &block)
  if default.nil?
    read_session.fetch(key, &block)
  else
    read_session.fetch(key, default, &block)
  end
end

def has_key?(key)

Returns `true` if the given key is present in the session. 
def has_key?(key)
  read_session.has_key?(key)
end

def initialize(cookies)

Other tags:
    Private: - 
def initialize(cookies)
  @cookies = cookies.encrypted
end

def inspect 

def inspect
  "#<#{self.class.name} @session=#{to_h.inspect}"
end

def read_session 

def read_session
  @session ||= begin
    session_value = @cookies[self.class.key] || @cookies[Rack::RACK_SESSION.to_sym] || "{}"
    JSON.parse(session_value, symbolize_names: true)
  rescue JSON::ParserError
    Rage.logger.debug("Failed to parse session cookie, resetting session")
    {}
  end
end

def to_hash

Returns the session as Hash. 
def to_hash
  read_session
end

def write_session(add: nil, remove: nil, clear: nil) 

def write_session(add: nil, remove: nil, clear: nil)
  if add
    read_session.merge!(add)
  elsif remove && read_session.has_key?(remove)
    read_session.reject! { |k, _| k == remove }
  elsif clear
    read_session.clear
  end
  @cookies[self.class.key] = { httponly: true, same_site: :lax, value: read_session.to_json }
end