Using Redis as a Login Session Store in Rails

Gems used:

gem 'activerecord-session_store', '~> 0.1.0'
gem 'redis', '~> 3.3.3'
gem 'redis-namespace', '~> 1.6.0'
gem 'redis-rack-cache'
gem 'redis-rails', '~> 4.0.0'

config/initializers/session_store.rb

# frozen_string_literal: true

xxxxx::Application.config.session_store :redis_store,
                                           servers: [
                                             {
                                               url: ENV['REDISTOGO_URL'],
                                               namespace: 'session'
                                             }
                                           ],
                                           key: '_xxxxx_session_id',
                                           expire_after: 60.minutes,
                                           domain: ENV['COOKIES_BASE_DOMAIN'],
                                           path: '/'
 

config/application.rb:

config.middleware.use WickedPdf::Middleware
config.cache_store = :redis_store, "#{ENV["REDISTOGO_URL"]}/0/cache", { expires_in: 90.minutes }

Open a terminal and inspect the data stored in Redis:

$ rails c

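$ redis = Redis::Namespace.new("session", :redis => Redis.new)       # Note: the string "session" here is the namespace defined above

Open the browser, find the long value stored under the session key in the cookies, and use that value to fetch the data from Redis:

$ redis.get('xxx6eb71c172dxxxx6ff17da67c08xxx')

$ Marshal.load(redis.get("xxx6eb71c172dxxxx6ff17da67c08xxx"))   # fixes the encoding problem in the displayed result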

Angular: getting the value of a keyboard input

Note: do not use event.keyCode; see https://developer.mozilla.org/en-US/docs/Web/API/KeyboardEvent

JS code

  resetBankAccountNumber(id) {
    this.setBankAccountValidity('ownBankAccount', true, id);
  }

  isInputtedValidKey(key) {
    if (key !== 'Tab' && key !== 'CapsLock') {
      return true;
    }
    return false;
  }

  filterValidKeyAndResetBankAccount(id, event) {
    if (event && this.isInputtedValidKey(event.key)) {
      this.resetBankAccountNumber(id);
    }
  }



  setBankAccountValidity(type, value, id) {
    if (this.form['bankAccountNumberField' + id]) {
      this.form['bankAccountNumberField' + id]['bankAccountNumber' + id].$setValidity(type, value);
    }
  }

HTML code

  <input type="text"
           id="bank-account-number-input-{{ vm.debt.id }}"
           name="bankAccountNumber{{ vm.debt.id }}"
           ng-pattern="/^[0-9]+$/"
           ng-maxlength="9"
           ng-minlength="2"
           required
           ng-keyup="vm.validateBankAccountNumber(vm.debt.bankAccount.bsbCode,
                                                  vm.debt.bankAccount.bankAccountNumber,
                                                  vm.debt.id)"
           ng-keydown="vm.filterValidKeyAndResetBankAccount(vm.debt.id, $event)"
           ng-model="vm.debt.bankAccount.bankAccountNumber"
           placeholder="XXXXXXX" />

Installing Jupyter Notebook on a Mac

https://jupyter.org/install.html

Install: pip install jupyterlab

Start: jupyter notebook

To use it for testing HTTP requests, install requests:

pip install requests

Next, test GET and POST requests.

Get access token from KeyCloak 

import requests as req
import json

# Form fields for the password grant; sent form-encoded via data=, not as a JSON body
reqJson = {
    "client_id": "my_application",
    "client_secret": "xxx-4e0b-4667-8f35-xxx",
    "username": "test",
    "password": "xxx",
    "grant_type": "password"
}
tokenUrl = 'http://localhost:8080/auth/realms/realm_gem/protocol/openid-connect/token'

header = {
    "Content-Type": "application/x-www-form-urlencoded",
}

response = req.post(tokenUrl, data=reqJson, headers=header)
if response.status_code != 200:
    # Anything other than 200 OK: print the error response
    print(response.text)
else:
    accessToken = json.loads(response.text)['access_token']
    print(accessToken)

Because the generated token is a standard JSON Web Token, its content can be decoded back to what it was before encoding; the following site can decode it:

https://jwt.io/
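
Decoding can also be done locally, which keeps a live access token out of a third-party website. The following is an added example, not code from the original post: it splits a compact JWT, base64url-decodes the header and payload, and checks `exp`, but it does not verify the signature, so the decoded claims are not proof that the token is genuine. The sample token, its claim values and the helper names are constructed for illustration.

```python
import base64
import json
import time


def b64url_decode(segment: str) -> bytes:
    # JWT segments are base64url without '=' padding; restore it before decoding.
    return base64.urlsafe_b64decode(segment + "=" * (-len(segment) % 4))


def b64url_encode(raw: bytes) -> str:
    return base64.urlsafe_b64encode(raw).rstrip(b"=").decode("ascii")


def decode_jwt_unverified(token: str):
    """Return (header, claims) of a compact JWT. The signature is NOT checked."""
    parts = token.split(".")
    if len(parts) != 3:
        raise ValueError("expected header.payload.signature")
    header = json.loads(b64url_decode(parts[0]))
    claims = json.loads(b64url_decode(parts[1]))
    return header, claims


def is_expired(claims: dict, now: float = None) -> bool:
    # 'exp' is seconds since the epoch; a token without 'exp' is treated as expired.
    now = time.time() if now is None else now
    return now >= claims.get("exp", 0)


def make_sample_token(claims: dict) -> str:
    # Constructed sample only: the third segment is a dummy, not a real signature.
    header = {"alg": "RS256", "typ": "JWT"}
    body = ".".join(b64url_encode(json.dumps(p).encode()) for p in (header, claims))
    return body + "." + b64url_encode(b"not-a-real-signature")


# Constructed claims modelled on the request above (user "test", client "my_application").
SAMPLE = make_sample_token(
    {"preferred_username": "test", "azp": "my_application", "exp": 1700000000}
)

if __name__ == "__main__":
    header, claims = decode_jwt_unverified(SAMPLE)
    print(header["alg"], claims["preferred_username"], is_expired(claims))
```

The sample decodes cleanly even though its signature segment is a dummy, which is why a decoded token still has to be checked by something that validates the signature, such as the userinfo call that follows.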

Verify using the generated token:

header = {
    "Authorization": "Bearer " + accessToken
} 
userinfoUrl = 'http://localhost:8080/auth/realms/realm_gem/protocol/openid-connect/userinfo'

response = req.get(userinfoUrl, headers=header)    
print(response.text)

curl -d 'client_id=xxx-jwt-service' -d 'client_secret=xxx-468a-4ba6-b71a-21672d1376be' -d 'username=dsds@xxx' -d 'password=xxx' -d 'grant_type=password' -X POST 'http://localhost:8080/auth/realms/dev/protocol/openid-connect/token'

curl -H 'Authorization: bearer <access_token>' -X GET 'http://localhost:8080/auth/realms/dev/protocol/openid-connect/userinfo'