Comments (18)
Thanks @gaynetdinov. I'll look into it some time next week.
from plug_rails_cookie_session_store.
I this just a question of changing the Phoenix session serializer, or are there dragons lurking?
If just the former, I could give it a try.
Dave
from plug_rails_cookie_session_store.
Sorry, life got in the way. @pragdave yes, it should be just a matter of changing the serializer in the plug configuration.
from plug_rails_cookie_session_store.
@pragdave did you get a chance to try the marshal serializer?
from plug_rails_cookie_session_store.
Yes and no. I made a start, but then bumped into the issue that all the
encrypting instructions were for (I assume) Rails 4, and my current need is
a big Rails 3 app. I felt I was about to go down a rabbit hole, so instead
I wrote a trivial Rails endpoint that my Phoenix app can use. It takes a
session cookie and returns the contents as JSON.
Cheers
Dave
On Fri, Feb 5, 2016 at 8:06 PM, Chris Constantin [email protected]
wrote:
@pragdave https://github.com/pragdave did you get a chance to try the
marshal serializer?—
Reply to this email directly or view it on GitHub
#2 (comment)
.
from plug_rails_cookie_session_store.
I've taken a try at applying ExMarshal as a serializer but I'm a bit stuck.
I wrote a serializer like this:
defmodule RailsSessionSerializer do
def encode(value) do
{:ok, ExMarshal.encode(value)}
end
def decode(value) do
{:ok, ExMarshal.decode(value)}
end
end
And attached it to my endpoint like this:
plug Plug.Session,
store: PlugRailsCookieSessionStore,
key: "_my_key",
domain: ".my.domain",
secure: true,
signing_salt: "my-salt",
encrypt: true,
encryption_salt: "my-other-salt",
key_iterations: 1000,
key_length: 64,
key_digest: :sha,
serializer: RailsSessionSerializer
But sadly it seems to die during deserialization:
** (exit) an exception was raised:
** (ExMarshal.DecodeError) term which starts with the following symbol is not supported: "\""
lib/ex_marshal/decoder.ex:44: ExMarshal.Decoder.decode_element/2
lib/ex_marshal/decoder.ex:249: ExMarshal.Decoder.decode_hash/4
lib/ex_marshal/decoder.ex:3: ExMarshal.Decoder.decode/1
(helpdesk) lib/helpdesk/endpoint.ex:8: Helpdesk.Endpoint.RailsSessionSerializer.decode/1
lib/plug_rails_cookie_session_store.ex:120: PlugRailsCookieSessionStore.decode/2
(plug) lib/plug/session.ex:74: anonymous fn/5 in Plug.Session.fetch_session/1
(plug) lib/plug/debugger.ex:185: Plug.Debugger.maybe_fetch_session/1
(plug) lib/plug/debugger.ex:172: Plug.Debugger.render/6
(plug) lib/plug/debugger.ex:152: Plug.Debugger.__catch__/5
(helpdesk) lib/helpdesk/endpoint.ex:1: Helpdesk.Endpoint.call/2
(plug) lib/plug/adapters/cowboy/handler.ex:15: Plug.Adapters.Cowboy.Handler.upgrade/4
(cowboy) src/cowboy_protocol.erl:442: :cowboy_protocol.execute/4
I'm quite new to this, so I didn't know a good way to debug. I found ex_marshal
in my deps
and added:
# decoder.ex, line 39
symbol ->
IO.inspect symbol
IO.inspect to_char_list(symbol)
IO.inspect value
raise ExMarshal.DecodeError, reason: {:not_supported, symbol}
which gave me some output:
[EM error]
"\""
'"'
<<12, 47, 101, 118, 101, 110, 116, 115, 73, 34, 26, 115, 101, 115, 115, 105,
111, 110, 95, 105, 110, 95, 114, 101, 100, 105, 115, 95, 104, 97, 115, 104, 6,
59, 0, 70, 84, 73, 34, 20, 115, 116, 114, 105, 112, 101, 95, 114, 101, 100,
...>>
I'm not sure what's going wrong ... or where, but I thought I'd share in case anyone has encountered this before!
from plug_rails_cookie_session_store.
@rmosolgo thank you for your effort! Could you please try to put IO.inspect(value, width: 300)
so the value
ExMarshal
failed to decode will be displayed fully(the whole list without ...
in the end) so I can try to decode it using ExMarshal
on my own. Thanks again!
from plug_rails_cookie_session_store.
I ended up using limit:
, like this:
symbol ->
IO.puts "[EM error]"
IO.inspect symbol
IO.inspect to_char_list(symbol)
IO.inspect value, limit: 3000
raise ExMarshal.DecodeError, reason: {:not_supported, symbol}
And it gave me:
[EM error]
"\""
'"'
<<12, 47, 101, 118, 101, 110, 116, 115, 73, 34, 26, 115, 101, 115, 115, 105,
111, 110, 95, 105, 110, 95, 114, 101, 100, 105, 115, 95, 104, 97, 115, 104, 6,
59, 0, 70, 84, 73, 34, 20, 115, 116, 114, 105, 112, 101, 95, 114, 101, 100,
105, 114, 101, 99, 116, 6, 59, 0, 70, 73, 34, 32, 104, 116, 116, 112, 58, 47,
47, 103, 105, 118, 105, 110, 103, 46, 112, 99, 111, 46, 100, 101, 118, 47,
115, 101, 116, 117, 112, 6, 59, 0, 84, 73, 34, 35, 103, 114, 111, 117, 112,
115, 95, 112, 101, 114, 115, 105, 115, 116, 101, 100, 95, 102, 105, 108, 116,
101, 114, 95, 112, 97, 114, 97, 109, 115, 6, 59, 0, 70, 123, 7, 48, 73, 34, 0,
6, 59, 0, 70, 58, 20, 108, 97, 115, 116, 95, 103, 114, 111, 117, 112, 95, 116,
121, 112, 101, 48, 73, 34, 10, 102, 108, 97, 115, 104, 6, 59, 0, 84, 123, 7,
73, 34, 12, 100, 105, 115, 99, 97, 114, 100, 6, 59, 0, 84, 91, 6, 73, 34, 19,
110, 101, 120, 116, 95, 98, 114, 111, 97, 100, 99, 97, 115, 116, 6, 59, 0, 70,
73, 34, 12, 102, 108, 97, 115, 104, 101, 115, 6, 59, 0, 84, 123, 6, 73, 34,
19, 110, 101, 120, 116, 95, 98, 114, 111, 97, 100, 99, 97, 115, 116, 6, 59, 0,
70, 48>>
I'm interested to hear what you find!
from plug_rails_cookie_session_store.
Ah, yes, limit
. Thanks! I'll take a look.
from plug_rails_cookie_session_store.
Can you please put your debug statement IO.inspect value, limit: 3000
here https://github.com/gaynetdinov/ex_marshal/blob/master/lib/ex_marshal/decoder.ex#L3, before case
. I should've asked this first, sorry. The point is that the binary you provided is not full, some parts of it might be decoded before. Thanks!
from plug_rails_cookie_session_store.
Also if you can output the original value which is going be encoded by Ruby, that would be super awesome :)
from plug_rails_cookie_session_store.
Sure, here's what I've got:
Full marshaled binary
I put this a little bit sooner, so it also includes the marshal version bytes:
defmodule RailsSessionSerializer do
# ...
def decode(value) do
IO.puts("[Endpoint] decode")
IO.inspect(value, limit: 5000)
{:ok, ExMarshal.decode(value)}
end
end
[Endpoint] decode
<<4, 8, 123, 21, 73, 34, 15, 115, 101, 115, 115, 105, 111, 110, 95, 105, 100, 6,
58, 6, 69, 84, 73, 34, 69, 97, 55, 100, 51, 53, 56, 54, 52, 56, 102, 49, 54,
97, 50, 101, 100, 53, 100, 54, 54, 100, 100, 50, 97, 98, 97, 55, 55, 54, 97,
57, 57, 55, 51, 48, 52, 50, 97, 54, 102, 52, 100, 53, 49, 49, 97, 48, 101, 57,
50, 100, 54, 98, 102, 56, 100, 48, 99, 101, 52, 55, 53, 50, 54, 6, 59, 0, 70,
73, 34, 16, 95, 99, 115, 114, 102, 95, 116, 111, 107, 101, 110, 6, 59, 0, 70,
73, 34, 49, 101, 86, 53, 98, 114, 74, 76, 115, 114, 80, 111, 103, 107, 76, 47,
66, 108, 65, 74, 67, 109, 107, 76, 109, 51, 74, 49, 99, 101, 74, 102, 43, 81,
71, 54, 97, 47, 98, 85, 66, 99, 81, 107, 61, 6, 59, 0, 70, 73, 34, 27, 97, 99,
99, 111, 117, 110, 116, 95, 99, 101, 110, 116, 101, 114, 95, 117, 115, 101,
114, 95, 105, 100, 6, 59, 0, 70, 105, 6, 73, 34, 36, 97, 99, 99, 111, 117,
110, 116, 95, 99, 101, 110, 116, 101, 114, 95, 118, 101, 114, 105, 102, 105,
101, 100, 95, 117, 115, 101, 114, 95, 105, 100, 6, 59, 0, 70, 105, 6, 73, 34,
35, 97, 99, 99, 111, 117, 110, 116, 95, 99, 101, 110, 116, 101, 114, 95, 111,
114, 103, 97, 110, 105, 122, 97, 116, 105, 111, 110, 95, 105, 100, 6, 59, 0,
70, 105, 6, 73, 34, 25, 115, 104, 111, 119, 95, 98, 114, 111, 119, 115, 101,
114, 95, 119, 97, 114, 110, 105, 110, 103, 6, 59, 0, 70, 70, 73, 34, 23, 97,
112, 112, 95, 118, 101, 114, 115, 105, 111, 110, 95, 115, 116, 114, 105, 110,
103, 6, 59, 0, 70, 73, 34, 8, 48, 46, 48, 6, 59, 0, 70, 73, 34, 21, 115, 101,
115, 115, 105, 111, 110, 95, 105, 110, 95, 114, 101, 100, 105, 115, 6, 59, 0,
70, 84, 73, 34, 14, 103, 117, 101, 115, 116, 95, 105, 100, 115, 6, 59, 0, 70,
91, 0, 73, 34, 9, 99, 115, 114, 102, 6, 59, 0, 70, 64, 9, 73, 34, 13, 116,
114, 97, 99, 107, 105, 110, 103, 6, 59, 0, 70, 123, 7, 73, 34, 20, 72, 84, 84,
80, 95, 85, 83, 69, 82, 95, 65, 71, 69, 78, 84, 6, 59, 0, 84, 73, 34, 45, 100,
99, 101, 53, 98, 101, 50, 56, 53, 98, 52, 102, 99, 52, 53, 99, 55, 53, 102,
49, 100, 100, 52, 55, 50, 50, 52, 48, 51, 55, 50, 99, 99, 55, 48, 102, 55,
100, 99, 48, 6, 59, 0, 70, 73, 34, 25, 72, 84, 84, 80, 95, 65, 67, 67, 69, 80,
84, 95, 76, 65, 78, 71, 85, 65, 71, 69, 6, 59, 0, 84, 73, 34, 45, 54, 54, 101,
97, 101, 57, 55, 49, 52, 57, 50, 57, 51, 56, 99, 50, 100, 99, 99, 50, 102, 98,
49, 100, 100, 99, 56, 100, 55, 101, 99, 51, 49, 57, 54, 48, 51, 55, 100, 97,
6, 59, 0, 70, 73, 34, 28, 108, 97, 115, 116, 95, 118, 105, 115, 105, 116, 101,
100, 95, 97, 100, 109, 105, 110, 95, 112, 97, 103, 101, 6, 59, 0, 70, 34, 12,
47, 101, 118, 101, 110, 116, 115, 73, 34, 26, 115, 101, 115, 115, 105, 111,
110, 95, 105, 110, 95, 114, 101, 100, 105, 115, 95, 104, 97, 115, 104, 6, 59,
0, 70, 84, 73, 34, 20, 115, 116, 114, 105, 112, 101, 95, 114, 101, 100, 105,
114, 101, 99, 116, 6, 59, 0, 70, 73, 34, 32, 104, 116, 116, 112, 58, 47, 47,
103, 105, 118, 105, 110, 103, 46, 112, 99, 111, 46, 100, 101, 118, 47, 115,
101, 116, 117, 112, 6, 59, 0, 84, 73, 34, 35, 103, 114, 111, 117, 112, 115,
95, 112, 101, 114, 115, 105, 115, 116, 101, 100, 95, 102, 105, 108, 116, 101,
114, 95, 112, 97, 114, 97, 109, 115, 6, 59, 0, 70, 123, 7, 48, 73, 34, 0, 6,
59, 0, 70, 58, 20, 108, 97, 115, 116, 95, 103, 114, 111, 117, 112, 95, 116,
121, 112, 101, 48, 73, 34, 10, 102, 108, 97, 115, 104, 6, 59, 0, 84, 123, 7,
73, 34, 12, 100, 105, 115, 99, 97, 114, 100, 6, 59, 0, 84, 91, 6, 73, 34, 19,
110, 101, 120, 116, 95, 98, 114, 111, 97, 100, 99, 97, 115, 116, 6, 59, 0, 70,
73, 34, 12, 102, 108, 97, 115, 104, 101, 115, 6, 59, 0, 84, 123, 6, 73, 34,
19, 110, 101, 120, 116, 95, 98, 114, 111, 97, 100, 99, 97, 115, 116, 6, 59, 0,
70, 48>>
Rails session
I put this:
Rails.logger.info(JSON.pretty_generate(session.as_json))
{
"session_id": "a7d358648f16a2ed5d66dd2aba776a9973042a6f4d511a0e92d6bf8d0ce47526",
"_csrf_token": "eV5brJLsrPogkL/BlAJCmkLm3J1ceJf+QG6a/bUBcQk=",
"account_center_user_id": 1,
"account_center_verified_user_id": 1,
"account_center_organization_id": 1,
"show_browser_warning": false,
"app_version_string": "0.0",
"session_in_redis": true,
"guest_ids": [
],
"csrf": "eV5brJLsrPogkL/BlAJCmkLm3J1ceJf+QG6a/bUBcQk=",
"tracking": {
"HTTP_USER_AGENT": "dce5be285b4fc45c75f1dd472240372cc70f7dc0",
"HTTP_ACCEPT_LANGUAGE": "66eae971492938c2dcc2fb1ddc8d7ec3196037da"
},
"last_visited_admin_page": "/events",
"session_in_redis_hash": true,
"stripe_redirect": "http://giving.pco.dev/setup",
"groups_persisted_filter_params": {
"": "",
"last_group_type": null
},
"flash": {
"discard": [
"next_broadcast"
],
"flashes": {
"next_broadcast": null
}
}
}
from plug_rails_cookie_session_store.
I guess I fixed the issue you've found, but I'm not sure if your rails session is now decoded properly. The problem is that you've pasted your session
as JSON.pretty_generate(session.as_json)
which might hide some original values(string vs symbol, nil -> null, nil -> "" and so on). For example this part:
"groups_persisted_filter_params": {
"": "",
"last_group_type": null
},
"":""
looks a bit fishy :) And ExMarshal decoded it as nil: ""
which looks even more strange.
Anyway, can you please use fix-decoding-of-string-encoding
branch of ExMarshal
and try again? Also, it would be great if you can provide the output of the session
variable as is.
You can find how ExMarshal decoded your rails session here https://github.com/gaynetdinov/ex_marshal/pull/7/files#diff-567c68c21ae898ac2cd38d0bfef1b6caR293
Thank you!
from plug_rails_cookie_session_store.
Derp, I totally forgot how as_json
would mess up the data types, sorry!
Here's a snippet from Rails.logger.info(session.inspect)
:
"action_dispatch.request.unsigned_session_cookie"=>{"session_id"=>"a7d358648f16a2ed5d66dd2aba776a9973042a6f4d511a0e92d6bf8d0ce47526", "_csrf_token"=>"eV5brJLsrPogkL/BlAJCmkLm3J1ceJf+QG6a/bUBcQk=", "account_center_user_id"=>1, "account_center_verified_user_id"=>1, "account_center_organization_id"=>1, "show_browser_warning"=>false, "app_version_string"=>"0.0", "session_in_redis"=>true, "guest_ids"=>[], "csrf"=>"eV5brJLsrPogkL/BlAJCmkLm3J1ceJf+QG6a/bUBcQk=", "tracking"=>{"HTTP_USER_AGENT"=>"dce5be285b4fc45c75f1dd472240372cc70f7dc0", "HTTP_ACCEPT_LANGUAGE"=>"66eae971492938c2dcc2fb1ddc8d7ec3196037da"}, "last_visited_admin_page"=>"/events", "session_in_redis_hash"=>true, "stripe_redirect"=>"http://giving.pco.dev/setup", "groups_persisted_filter_params"=>{nil=>"", :last_group_type=>nil}, "flash"=>{"discard"=>["next_broadcast"], "flashes"=>{"next_broadcast"=>nil}}}
So, it looks like you were right about nil => ""
😆
I tried the new branch, it works!! This is so awesome!!
from plug_rails_cookie_session_store.
@gaynetdinov thanks for following up on this. Would either you or @rmosolgo be willing to send a PR for the README to detail use of plug_rails_cookie_session_store
with ex_marshal
? Thanks in advance.
from plug_rails_cookie_session_store.
@rmosolgo cool! Glad it worked.
Would you like to send a PR with details how to setup ex_marshal
and plug_rails_cookie_session_store
to work together?
from plug_rails_cookie_session_store.
👍 sure, i'm an Elixir novice but I can suggest a doc change with the code I posted above!
from plug_rails_cookie_session_store.
Ok, here's my attempt! #3
from plug_rails_cookie_session_store.
Related Issues (11)
- nil can't be coerced into Fixnum HOT 3
- Cannot write session HOT 2
- Cowboy 2 compatibility HOT 1
- Issues with Rails 5.2.2 HOT 3
- LiveView Configuration Issue - LiveView session was misconfigured or the user token is outdated HOT 1
- Generation phoenix cookies like rails
- In Rails 7.1 the cookie format has changed compared to 7.0. Breaks Phx->Rails, but not Rails->Phx transition. HOT 1
- mix test fail HOT 1
- Having trouble sharing session between rails 3 and phoenix HOT 1
- Does not work on Rails 4 HOT 4
Recommend Projects
-
React
A declarative, efficient, and flexible JavaScript library for building user interfaces.
-
Vue.js
🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
-
Typescript
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
-
TensorFlow
An Open Source Machine Learning Framework for Everyone
-
Django
The Web framework for perfectionists with deadlines.
-
Laravel
A PHP framework for web artisans
-
D3
Bring data to life with SVG, Canvas and HTML. 📊📈🎉
-
Recommend Topics
-
javascript
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
-
web
Some thing interesting about web. New door for the world.
-
server
A server is a program made to process requests and deliver data to clients.
-
Machine learning
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
-
Visualization
Some thing interesting about visualization, use data art
-
Game
Some thing interesting about game, make everyone happy.
Recommend Org
-
Facebook
We are working to build community through open source technology. NB: members must have two-factor auth.
-
Microsoft
Open source projects and samples from Microsoft.
-
Google
Google ❤️ Open Source for everyone.
-
Alibaba
Alibaba Open Source for everyone
-
D3
Data-Driven Documents codes.
-
Tencent
China tencent open source team.
from plug_rails_cookie_session_store.