[#279] Web sessions use cookies instead of files on disk (M. Johnson)

2016-10-01 16:27:48 +01:00
parent a6839a5850
commit 0cc7e029f3
8 changed files with 25 additions and 7 deletions
--- a/Netdisco/Changes
+++ b/Netdisco/Changes
@@ -5,6 +5,7 @@
  * systemd deployment guide
  * document env var for https reverse proxy (B. Marshall)
  * FreeBSD sshcollector support (H. Teulahti)
+  * [#279] Web sessions use cookies instead of files on disk (M. Johnson)

  [BUG FIXES]

--- a/Netdisco/Makefile.PL
+++ b/Netdisco/Makefile.PL
@@ -23,6 +23,7 @@ requires 'Dancer' => '1.3132';
 requires 'Dancer::Plugin::DBIC' => 0.2001;
 requires 'Dancer::Plugin::Auth::Extensible' => 0.30;
 requires 'Dancer::Plugin::Passphrase' => '2.0.1';
+requires 'Dancer::Session::Cookie' => '0.27';
 requires 'File::ShareDir' => 1.03;
 requires 'File::Slurp' => 9999.19;
 requires 'Guard' => 1.022;
--- a/Netdisco/bin/netdisco-deploy
+++ b/Netdisco/bin/netdisco-deploy
@@ -125,6 +125,7 @@ sub _make_password {
  }
 }

+# set up initial admin user
 my $users = schema('netdisco')->resultset('User');
 if ($users->search({-bool => 'admin'})->count == 0) {
    say '';
@@ -149,6 +150,12 @@ if ($users->search({-bool => 'admin'})->count == 0) {
    print color 'reset';
 }

+# set initial dancer web session cookie key
+schema('netdisco')->resultset('Session')->find_or_create(
+  {id => 'dancer_session_cookie_key', a_session => \'md5(random()::text)'},
+  {key => 'primary'},
+);
+
 say '';
 $bool = $term->ask_yn(
  prompt => 'Download and update vendor MAC prefixes (OUI data)?', default => 'n',
--- a/Netdisco/bin/netdisco-web
+++ b/Netdisco/bin/netdisco-web
@@ -70,6 +70,10 @@ foreach my $file ($pid_file, $log_file) {
    chown $uid, $gid, $file;
 }

+# clean old web sessions
+my $sdir = dir($home, 'netdisco-web-sessions')->stringify;
+unlink glob file($sdir, '*');
+
 Daemon::Control->new({
  name => 'Netdisco Web',
  program  => \&restarter,
--- a/Netdisco/bin/netdisco-web-fg
+++ b/Netdisco/bin/netdisco-web-fg
@@ -27,9 +27,6 @@ use App::Netdisco;
 use Dancer;
 warning sprintf "App::Netdisco %s web", ($App::Netdisco::VERSION || 'HEAD');

-my $home = ($ENV{NETDISCO_HOME} || $ENV{HOME});
-set(session_dir => dir($home, 'netdisco-web-sessions')->stringify);
-
 set plack_middlewares => [
  ['Plack::Middleware::ReverseProxy'],
  [ Expires => (
--- a/Netdisco/lib/App/Netdisco/Manual/Configuration.pod
+++ b/Netdisco/lib/App/Netdisco/Manual/Configuration.pod
@@ -1217,10 +1217,10 @@ you're doing.

 =head3 C<session>

-Value: String. Default: C<YAML>.
+Value: String. Default: C<cookie>.

-How to handle web sessions. Default is to store on disk so they can be shared
-between multiple web server processes (although it's slower).
+How to handle web sessions. Default is to store in an encrypted cookie
+using a key stored in the database by C<netdisco-deploy>.

 =head3 C<template>

--- a/Netdisco/lib/App/Netdisco/Web.pm
+++ b/Netdisco/lib/App/Netdisco/Web.pm
@@ -56,6 +56,13 @@ if (setting('extra_web_plugins') and ref [] eq ref setting('extra_web_plugins'))
 push @{ config->{engines}->{netdisco_template_toolkit}->{INCLUDE_PATH} },
     setting('views');

+# load cookie key from database
+setting('session_cookie_key' => undef);
+my $sessions = schema('netdisco')->resultset('Session');
+my $skey = $sessions->find({id => 'dancer_session_cookie_key'});
+setting('session_cookie_key' => $skey->get_column('a_session')) if $skey;
+Dancer::Session::Cookie::init(session);
+
 # workaround for https://github.com/PerlDancer/Dancer/issues/935
 hook after_error_render => sub { setting('layout' => 'main') };

--- a/Netdisco/share/config.yml
+++ b/Netdisco/share/config.yml
@@ -308,7 +308,8 @@ plugins:
      users:
        provider: 'App::Netdisco::Web::Auth::Provider::DBIC'
        schema_name: 'netdisco'
-session: 'YAML'
+session: 'cookie'
+session_cookie_key: 'this_will_be_overridden_on_webapp_startup'
 template: 'netdisco_template_toolkit'
 route_cache: true
 appname: 'Netdisco'