Commit d4740a3742632ad9bb33a82d695509ffd5a370ff to danhodos's session_consistency

danhodos / session_consistency

Description:	Rails plugin to ensure session consistency by checking the user_agent and/or remote_ip before each request.
Clone URL:	git://github.com/danhodos/session_consistency.git Give this clone URL to anyone. `git clone git://github.com/danhodos/session_consistency.git`

Updates plugin for Rails 2.x, specifically:

 * Stop using 'return false to halt filter chain' pattern and explicitly 
 render or redirect when consistency check fails
 * Update tests to expect an error HTTP status code instead of a 0

danhodos (author)

Mon May 12 19:17:01 -0700 2008

commit d4740a3742632ad9bb33a82d695509ffd5a370ff
tree 3e262c48d188d396dda1428ef89a4cba96c5968a
parent dd55c681604cb8c7159fbc197d9e474fe32b9ad6

lib/session_consistency.rb
test/session_consistency_test.rb

lib/session_consistency.rb

0
@@ -26,9 +26,8 @@ module DanHodos
0
         
0
         unless session[:consistency_check] == consistency_checksum
0
           redirect_to self.class.session_consistency_options[:redirect] and return if self.class.session_consistency_options[:redirect]
0
+          render :nothing => true, :status => 500
0
         end
0
-        
0
-        session[:consistency_check] == consistency_checksum
0
       end
0
     
0
     private

test/session_consistency_test.rb

0
@@ -12,7 +12,7 @@ class SessionConsistencyTest < Test::Unit::TestCase
0
   def setup
0
     @controller = SessionConsistencyController.new
0
     @request    = ActionController::TestRequest.new
0
-    @request.env["HTTP_USER_AGENT"] = "Mozilla/5.0 (Macintosh; U; Intel Mac OS X; en) AppleWebKit/522.11.1 (KHTML, like Gecko) Version/3.0.3 Safari/522.12.1"
0
+    @request.user_agent = "Mozilla/5.0 (Macintosh; U; Intel Mac OS X; en) AppleWebKit/522.11.1 (KHTML, like Gecko) Version/3.0.3 Safari/522.12.1"
0
     @response   = ActionController::TestResponse.new
0
   end
0
   
0
@@ -34,10 +34,10 @@ class SessionConsistencyTest < Test::Unit::TestCase
0
   def test_should_halt_filter_chain_if_user_agent_changes
0
     checksum = consistency_checksum
0
     
0
-    @request.env["HTTP_USER_AGENT"] = "Some New User Agent"
0
+    @request.user_agent = "Some New User Agent"
0
     get :index, {}, {:consistency_check => checksum }
0
     
0
-    assert_response 0
0
+    assert_response :error
0
   end
0
   
0
   def test_should_halt_filter_chain_if_remote_ip_changes
0
@@ -46,7 +46,7 @@ class SessionConsistencyTest < Test::Unit::TestCase
0
     @request.env["REMOTE_ADDR"] = "123.42.67.254"
0
     get :index, {}, {:consistency_check => checksum }
0
     
0
-    assert_response 0
0
+    assert_response :error
0
   end
0
   
0
 private

Comments

No one has commented yet.