# class Sessions class Sessions def initialize(request, response) @request = request @response = response end def signed_in?(code) $active_users[code] end def logout(uid) $active_users.delete(uid) delete("user") DB["delete from SignedInUsers where code = ?", uid].delete true rescue Sequel::Error => e Logman.log "DB Error: #{e.message}\n" false end def login(username, pass) Logman.log "Logging in: #{username} & #{pass} #{ENV_HASH["SALT"]}\n" player = Players.authorized?(username, pass) if player code = Array.new(24) { ALPHANUM.sample }.join self["user", code] = code $active_users[code] = username begin DB["insert into SignedInUsers (code, player) values (?, ?)", code, username].insert rescue Sequel::Error => e Logman.log "DB Error: #{e.message}\n" return [500, "Internal server error when signing you in!"] end return [200, "Remember to verify your email!"] unless Players.verified?(username) [200, "Signed in successfully!"] else [200, "Couldn't sign you in (Username or password incorrect)!"] end end def []=(key, uid, val) session = @request.cookies["session"] session = session.nil? ? "{}" : Zlib::Inflate.inflate(Base64.decode64(session)) session = JSON.parse(session) session[key] = val compressed = Zlib::Deflate.deflate(JSON.generate(session)) encoded = Base64.encode64(compressed) @response.set_cookie("session", value: encoded, path: "/", expires: Time.now + 360 * 24 * 60 * 60) DB["UPDATE SignedInUsers SET last_used_at = CURRENT_TIMESTAMP WHERE code = ?", uid].update if uid rescue JSON::ParserError, Zlib::Error @response.delete_cookie("session") rescue Sequel::Error => e Logman.log "DB Error: #{e.message} when updating last_used_at for #{uid}\n" end def [](key, uid: nil) session = @request.cookies["session"] session = session.nil? ? "{}" : Zlib::Inflate.inflate(Base64.decode64(session)) session = JSON.parse(session) begin DB["UPDATE SignedInUsers SET last_used_at = CURRENT_TIMESTAMP WHERE code = ?", uid].update if uid rescue Sequel::Error => e Logman.log "DB Error: #{e.message} when updating last_used_at for #{uid}\n" end session[key] rescue JSON::ParserError, Zlib::Error @response.delete_cookie("session") "" end def message=(val) @response.set_cookie("message", value: val, path: "/", expires: Time.now + 360 * 24 * 60 * 60) end def message @request.cookies["message"] end def all session = @request.cookies["session"] session = session.nil? ? "{}" : Zlib::Inflate.inflate(Base64.decode64(session)) JSON.parse(session) rescue JSON::ParserError, Zlib::Error @response.delete_cookie("session") {} end def delete(key) session = @request.cookies["session"] session = session.nil? ? "{}" : Zlib::Inflate.inflate(Base64.decode64(session)) session = JSON.parse(session) session.delete(key) Logman.log "Deleted: #{key}" Logman.log session.inspect compressed = Zlib::Deflate.deflate(JSON.generate(session)) encoded = Base64.encode64(compressed) @response.set_cookie("session", value: encoded, path: "/", expires: Time.now + 360 * 24 * 60 * 60) rescue JSON::ParserError, Zlib::Error @response.delete_cookie("session") end Thread.new do loop do now = Time.now fifteen_days_ago = now - (60 * 60 * 24 * 15) six_days_ago = now - (60 * 60 * 24 * 6) old_sessions = (DB[:SignedInUsers].where { created_at < fifteen_days_ago }.all + DB[:SignedInUsers].where { last_used_at < six_days_ago }.all).uniq { |s| s[:code] } old_sessions.each do |session| begin DB[:SignedInUsers].where(code: session[:code]).delete rescue StandardError => e Logman.log "Thread DB error: #{e.message} on #{session[:code]} for #{session[:player]}\n" end $active_users.delete(session[:code]) puts "Auto-logged out: #{session[:player]} (expired session)" end rescue StandardError => e Logman.log "Thread error: #{e.message}\n" ensure sleep 60 * 60 * 24 Logman.log "Thread sleeping\n" end end end