Merge pull request #37 from danrabinowitz/allow-custom-cookie-lifetime

Allow custom cookie lifetime
interdiscipline · Jun 7, 2018 · 0372d51 · 0372d51
2 parents 9e2d3ec + f11bd29
commit 0372d51
Show file tree

Hide file tree

Showing 3 changed files with 37 additions and 1 deletion.
diff --git a/app/controllers/lockup/lockup_controller.rb b/app/controllers/lockup/lockup_controller.rb
@@ -40,7 +40,7 @@ def unlock
     private
 
     def set_cookie
-      cookies[:lockup] = { value: @codeword.to_s.downcase, expires: (Time.now + 5.years) }
+      cookies[:lockup] = { value: @codeword.to_s.downcase, expires: (Time.now + cookie_lifetime) }
     end
 
     def run_redirect

diff --git a/lib/lockup.rb b/lib/lockup.rb
@@ -33,4 +33,14 @@ def lockup_codeword
       Rails.application.secrets.lockup_codeword.to_s.downcase
     end
   end
+
+  def cookie_lifetime
+    weeks = ENV['COOKIE_LIFETIME_IN_WEEKS'].to_f
+    seconds = (weeks * 1.week).to_i
+    if seconds > 0
+      seconds
+    else
+      5.years
+    end
+  end
 end
diff --git a/spec/controllers/lockup/lockup_controller_spec.rb b/spec/controllers/lockup/lockup_controller_spec.rb
@@ -14,4 +14,30 @@
       lambda { get 'unlock', format: 'text' }.should raise_error(ActionController::UnknownFormat)
     end
   end
+
+  describe "#cookie_lifetime" do
+    context "COOKIE_LIFETIME_IN_WEEKS is set to an integer" do
+      before { ENV['COOKIE_LIFETIME_IN_WEEKS'] = '52' }
+
+      it "returns the integer" do
+        controller.send(:cookie_lifetime).should eq(52.weeks)
+      end
+    end
+
+    context "COOKIE_LIFETIME_IN_WEEKS is not a valid integer" do
+      before { ENV['COOKIE_LIFETIME_IN_WEEKS'] = 'invalid value' }
+
+      it "returns the integer" do
+        controller.send(:cookie_lifetime).should eq(5.years)
+      end
+    end
+
+    context "COOKIE_LIFETIME_IN_WEEKS is not set" do
+      before { ENV.delete('COOKIE_LIFETIME_IN_WEEKS') }
+
+      it "returns the integer" do
+        controller.send(:cookie_lifetime).should eq(5.years)
+      end
+    end
+  end
 end