Add ENV variable to control session_store

1566d5fd · nmilojevic1 · Nikola Milojevic · f4756e90 · 1566d5fd · 1566d5fd
Commit 1566d5fd authored Nov 02, 2021 by nmilojevic1 Committed by Nikola Milojevic Nov 05, 2021
Hide whitespace changes
Inline Side-by-side

Showing with 17 additions and 16 deletions

config/initializers/session_store.rb config/initializers/session_store.rb +11 -10

spec/initializers/session_store_spec.rb spec/initializers/session_store_spec.rb +6 -6

No files found.
--- a/config/initializers/session_store.rb
+++ b/config/initializers/session_store.rb
@@ -18,14 +18,15 @@ cookie_key = if Rails.env.development?
             else
               "_gitlab_session"
             end
-if Gitlab::Utils.to_boolean(ENV['GITLAB_LEGACY_SESSION_STORE'], default: false)
-  sessions_config = Gitlab::Redis::SharedState.params
-  sessions_config[:namespace] = Gitlab::Redis::SharedState::SESSION_NAMESPACE

+if Gitlab::Utils.to_boolean(ENV['GITLAB_REDIS_STORE_WITH_SESSION_STORE'], default: true)
+  store = Gitlab::Redis::SharedState.store(
+    namespace: Gitlab::Redis::SharedState::SESSION_NAMESPACE
+  )

  Gitlab::Application.config.session_store(
    :redis_store, # Using the cookie_store would enable session replay attacks.
-    servers: sessions_config,
+    redis_store: store,
    key: cookie_key,
    secure: Gitlab.config.gitlab.https,
    httponly: true,
@@ -33,17 +34,17 @@ if Gitlab::Utils.to_boolean(ENV['GITLAB_LEGACY_SESSION_STORE'], default: false)
    path: Rails.application.config.relative_url_root.presence || '/'
  )
 else
-  store = Gitlab::Redis::SharedState.store(
-    namespace: Gitlab::Redis::SharedState::SESSION_NAMESPACE
-  )
+  sessions_config = Gitlab::Redis::SharedState.params
+  sessions_config[:namespace] = Gitlab::Redis::SharedState::SESSION_NAMESPACE

  Gitlab::Application.config.session_store(
    :redis_store, # Using the cookie_store would enable session replay attacks.
-    redis_store: store,
+    servers: sessions_config,
    key: cookie_key,
-    expires_in: Settings.gitlab['session_expire_delay'] * 60,
+    secure: Gitlab.config.gitlab.https,
    httponly: true,
-    secure: Gitlab.config.gitlab.https
+    expires_in: Settings.gitlab['session_expire_delay'] * 60,
+    path: Rails.application.config.relative_url_root.presence || '/'
  )
 end


--- a/spec/initializers/session_store_spec.rb
+++ b/spec/initializers/session_store_spec.rb
@@ -10,26 +10,26 @@ RSpec.describe 'Session initializer for GitLab' do
  end

  describe 'config#session_store' do
-    context 'when the GITLAB_LEGACY_SESSION_STORE env is enabled' do
+    context 'when the GITLAB_REDIS_STORE_WITH_SESSION_STORE env is not set' do
      before do
-        stub_env('GITLAB_LEGACY_SESSION_STORE', true)
+        stub_env('GITLAB_REDIS_STORE_WITH_SESSION_STORE', nil)
      end

      it 'returns the regular cookie without a suffix' do
-        expect(subject).to receive(:session_store).with(:redis_store, a_hash_including(servers: kind_of(Hash)))
+        expect(subject).to receive(:session_store).with(:redis_store, a_hash_including(redis_store: kind_of(::Redis::Store)))

        load_session_store
      end

    end

-    context 'when the GITLAB_LEGACY_SESSION_STORE env is not set' do
+    context 'when the GITLAB_REDIS_STORE_WITH_SESSION_STORE env is disabled' do
      before do
-        stub_env('GITLAB_LEGACY_SESSION_STORE', nil)
+        stub_env('GITLAB_REDIS_STORE_WITH_SESSION_STORE', false)
      end

      it 'returns the regular cookie without a suffix' do
-        expect(subject).to receive(:session_store).with(:redis_store, a_hash_including(redis_store: kind_of(::Redis::Store)))
+        expect(subject).to receive(:session_store).with(:redis_store, a_hash_including(servers: kind_of(Hash)))

        load_session_store
      end