diff options
author | Rafael Mendonça França <rafael@franca.dev> | 2019-10-09 18:06:23 -0400 |
---|---|---|
committer | Rafael Mendonça França <rafael@franca.dev> | 2019-10-09 18:06:23 -0400 |
commit | 668c9a5c6055eead356b0daf25dc7d7774b76da6 (patch) | |
tree | cacb64d2559b2a8ecc6f6281f94e2770835a2f3e | |
parent | 3d74b7a903094a91f60e50b422fb5678d2756817 (diff) | |
download | rack-668c9a5c6055eead356b0daf25dc7d7774b76da6.tar.gz |
Also drop the session with the public id when destroying sessions
-rw-r--r-- | lib/rack/session/memcache.rb | 1 | ||||
-rw-r--r-- | test/spec_session_memcache.rb | 21 |
2 files changed, 22 insertions, 0 deletions
diff --git a/lib/rack/session/memcache.rb b/lib/rack/session/memcache.rb index 7a226df6..47ea8dc8 100644 --- a/lib/rack/session/memcache.rb +++ b/lib/rack/session/memcache.rb @@ -75,6 +75,7 @@ module Rack def destroy_session(env, session_id, options) with_lock(env) do + @pool.delete(session_id.public_id) @pool.delete(session_id.private_id) generate_sid unless options[:drop] end diff --git a/test/spec_session_memcache.rb b/test/spec_session_memcache.rb index 3e946940..0c4e65a3 100644 --- a/test/spec_session_memcache.rb +++ b/test/spec_session_memcache.rb @@ -255,6 +255,27 @@ begin pool.pool.get(session_id.private_id, true).wont_be_nil end + it "drops the session in the legacy id as well" do + pool = Rack::Session::Memcache.new(incrementor) + req = Rack::MockRequest.new(pool) + drop = Rack::Utils::Context.new(pool, drop_session) + dreq = Rack::MockRequest.new(drop) + + res0 = req.get("/") + cookie = res0["Set-Cookie"] + session_id = Rack::Session::SessionId.new cookie[session_match, 1] + ses0 = pool.pool.get(session_id.private_id, true) + pool.pool.set(session_id.public_id, ses0, 0, true) + pool.pool.delete(session_id.private_id) + + + res2 = dreq.get("/", "HTTP_COOKIE" => cookie) + res2["Set-Cookie"].must_be_nil + res2.body.must_equal '{"counter"=>2}' + pool.pool.get(session_id.private_id, true).must_be_nil + pool.pool.get(session_id.public_id, true).must_be_nil + end + # anyone know how to do this better? it "cleanly merges sessions when multithreaded" do skip unless $DEBUG |