Display and revoke active sessions

author: Alexis Reigel ( 🌴 may 2nd - may 9th 🌴 ) <mail@koffeinfrei.org> 2018-05-02 08:08:16 +0000
committer: Douwe Maan <douwe@gitlab.com> 2018-05-02 08:08:16 +0000
commit: 9b33e3d36fcd46072b9fe83f1121fb0fd87c0fd7 (patch)
tree: 968009edb90046874d6c9d733239f77f42d19cdf /config/initializers
parent: d812ef0170ba2b482f096772d2307c64a7f6fc94 (diff)
download: gitlab-ce-9b33e3d36fcd46072b9fe83f1121fb0fd87c0fd7.tar.gz
2 files changed, 23 insertions, 15 deletions
diff --git a/config/initializers/session_store.rb b/config/initializers/session_store.rb
index f2fde1e0048..da24881885e 100644
--- a/config/initializers/session_store.rb
+++ b/config/initializers/session_store.rb
@@ -15,19 +15,15 @@ cookie_key = if Rails.env.development?
                "_gitlab_session"
              end
 
-if Rails.env.test?
-  Gitlab::Application.config.session_store :cookie_store, key: "_gitlab_session"
-else
-  sessions_config = Gitlab::Redis::SharedState.params
-  sessions_config[:namespace] = Gitlab::Redis::SharedState::SESSION_NAMESPACE
+sessions_config = Gitlab::Redis::SharedState.params
+sessions_config[:namespace] = Gitlab::Redis::SharedState::SESSION_NAMESPACE
 
-  Gitlab::Application.config.session_store(
-    :redis_store, # Using the cookie_store would enable session replay attacks.
-    servers: sessions_config,
-    key: cookie_key,
-    secure: Gitlab.config.gitlab.https,
-    httponly: true,
-    expires_in: Settings.gitlab['session_expire_delay'] * 60,
-    path: Rails.application.config.relative_url_root.nil? ? '/' : Gitlab::Application.config.relative_url_root
-  )
-end
+Gitlab::Application.config.session_store(
+  :redis_store, # Using the cookie_store would enable session replay attacks.
+  servers: sessions_config,
+  key: cookie_key,
+  secure: Gitlab.config.gitlab.https,
+  httponly: true,
+  expires_in: Settings.gitlab['session_expire_delay'] * 60,
+  path: Rails.application.config.relative_url_root.nil? ? '/' : Gitlab::Application.config.relative_url_root
+)
diff --git a/config/initializers/warden.rb b/config/initializers/warden.rb
index ee034d21eae..bf079f8e1a7 100644
--- a/config/initializers/warden.rb
+++ b/config/initializers/warden.rb
@@ -6,4 +6,16 @@ Rails.application.configure do |config|
   Warden::Manager.before_failure do |env, opts|
     Gitlab::Auth::BlockedUserTracker.log_if_user_blocked(env)
   end
+
+  Warden::Manager.after_authentication do |user, auth, opts|
+    ActiveSession.cleanup(user)
+  end
+
+  Warden::Manager.after_set_user only: :fetch do |user, auth, opts|
+    ActiveSession.set(user, auth.request)
+  end
+
+  Warden::Manager.before_logout do |user, auth, opts|
+    ActiveSession.destroy(user || auth.user, auth.request.session.id)
+  end
 end
author	Alexis Reigel ( 🌴 may 2nd - may 9th 🌴 ) <mail@koffeinfrei.org>	2018-05-02 08:08:16 +0000
committer	Douwe Maan <douwe@gitlab.com>	2018-05-02 08:08:16 +0000
commit	9b33e3d36fcd46072b9fe83f1121fb0fd87c0fd7 (patch)
tree	968009edb90046874d6c9d733239f77f42d19cdf /config/initializers
parent	d812ef0170ba2b482f096772d2307c64a7f6fc94 (diff)
download	gitlab-ce-9b33e3d36fcd46072b9fe83f1121fb0fd87c0fd7.tar.gz