From 052c5d52152a0c8d3b37584491b57bcd91143f7e Mon Sep 17 00:00:00 2001
From: Quentin Champenois <26109239+Quentinchampenois@users.noreply.github.com>
Date: Thu, 11 Jan 2024 18:04:27 +0100
Subject: [PATCH] feat: Add configurable session store with ActiveRecord (#472)

---
 .env-example                                    |  4 +++-
 Gemfile                                         |  1 +
 Gemfile.lock                                    |  9 +++++++++
 config/application.rb                           |  7 +++++++
 db/migrate/20240109144022_add_sessions_table.rb | 16 ++++++++++++++++
 db/schema.rb                                    | 11 ++++++++++-
 docker-compose.local.yml                        |  2 ++
 7 files changed, 48 insertions(+), 2 deletions(-)
 create mode 100644 db/migrate/20240109144022_add_sessions_table.rb

diff --git a/.env-example b/.env-example
index 42e2541580..aa172d1031 100644
--- a/.env-example
+++ b/.env-example
@@ -72,4 +72,6 @@ DECIDIM_ADMIN_PASSWORD_STRONG="false"
 # PUMA_MIN_THREADS=5
 # PUMA_MAX_THREADS=5
 # PUMA_WORKERS=0
-# PUMA_PRELOAD_APP=false
\ No newline at end of file
+# PUMA_PRELOAD_APP=false
+
+# RAILS_SESSION_STORE=active_record
\ No newline at end of file
diff --git a/Gemfile b/Gemfile
index 20faa4834b..e40e01fa04 100644
--- a/Gemfile
+++ b/Gemfile
@@ -35,6 +35,7 @@ gem "omniauth-publik", git: "https://github.com/OpenSourcePolitics/omniauth-publ
 
 # Default
 gem "activejob-uniqueness", require: "active_job/uniqueness/sidekiq_patch"
+gem "activerecord-session_store"
 gem "aws-sdk-s3", require: false
 gem "bootsnap", "~> 1.4"
 gem "deepl-rb", require: "deepl"
diff --git a/Gemfile.lock b/Gemfile.lock
index 5f8dfb0810..8500328eb3 100644
--- a/Gemfile.lock
+++ b/Gemfile.lock
@@ -150,6 +150,13 @@ GEM
     activerecord (6.1.7.6)
       activemodel (= 6.1.7.6)
       activesupport (= 6.1.7.6)
+    activerecord-session_store (2.1.0)
+      actionpack (>= 6.1)
+      activerecord (>= 6.1)
+      cgi (>= 0.3.6)
+      multi_json (~> 1.11, >= 1.11.2)
+      rack (>= 2.0.8, < 4)
+      railties (>= 6.1)
     activestorage (6.1.7.6)
       actionpack (= 6.1.7.6)
       activejob (= 6.1.7.6)
@@ -244,6 +251,7 @@ GEM
     cells-rails (0.1.5)
       actionpack (>= 5.0)
       cells (>= 4.1.6, < 5.0.0)
+    cgi (0.4.1)
     charlock_holmes (0.7.7)
     chef-utils (18.3.0)
       concurrent-ruby
@@ -1069,6 +1077,7 @@ PLATFORMS
 
 DEPENDENCIES
   activejob-uniqueness
+  activerecord-session_store
   aws-sdk-s3
   bootsnap (~> 1.4)
   brakeman (~> 5.1)
diff --git a/config/application.rb b/config/application.rb
index 312fa370d7..0ba9a737a4 100644
--- a/config/application.rb
+++ b/config/application.rb
@@ -55,5 +55,12 @@ class Application < Rails::Application
         config.initial_query = "{\n  deployment {\n    version\n    branch\n    remote\n    upToDate\n    currentCommit\n    latestCommit\n    locallyModified\n  }\n}".html_safe
       end
     end
+
+    if ENV.fetch("RAILS_SESSION_STORE", "") == "active_record"
+      initializer "session cookie domain", after: "Expire sessions" do
+        Rails.application.config.session_store :active_record_store, key: "_decidim_session", expire_after: Decidim.config.expire_session_after
+        ActiveRecord::SessionStore::Session.serializer = :hybrid
+      end
+    end
   end
 end
diff --git a/db/migrate/20240109144022_add_sessions_table.rb b/db/migrate/20240109144022_add_sessions_table.rb
new file mode 100644
index 0000000000..fced761a9c
--- /dev/null
+++ b/db/migrate/20240109144022_add_sessions_table.rb
@@ -0,0 +1,16 @@
+class AddSessionsTable < ActiveRecord::Migration[6.1]
+  def up
+    create_table :sessions do |t|
+      t.string :session_id, null: false
+      t.text :data
+      t.timestamps
+    end
+
+    add_index :sessions, :session_id, unique: true
+    add_index :sessions, :updated_at
+  end
+
+  def down
+    drop_table :sessions
+  end
+end
diff --git a/db/schema.rb b/db/schema.rb
index fa473378af..817e909a49 100644
--- a/db/schema.rb
+++ b/db/schema.rb
@@ -10,7 +10,7 @@
 #
 # It's strongly recommended that you check this file into your version control system.
 
-ActiveRecord::Schema.define(version: 2023_11_27_192451) do
+ActiveRecord::Schema.define(version: 2024_01_09_144022) do
 
   # These are extensions that must be enabled in order to support this database
   enable_extension "ltree"
@@ -2052,6 +2052,15 @@
     t.index ["redirect_rule_id"], name: "index_request_environment_rules_on_redirect_rule_id"
   end
 
+  create_table "sessions", force: :cascade do |t|
+    t.string "session_id", null: false
+    t.text "data"
+    t.datetime "created_at", precision: 6, null: false
+    t.datetime "updated_at", precision: 6, null: false
+    t.index ["session_id"], name: "index_sessions_on_session_id", unique: true
+    t.index ["updated_at"], name: "index_sessions_on_updated_at"
+  end
+
   create_table "versions", force: :cascade do |t|
     t.string "item_type", null: false
     t.integer "item_id", null: false
diff --git a/docker-compose.local.yml b/docker-compose.local.yml
index 65ee35b4a4..30beb45e4e 100644
--- a/docker-compose.local.yml
+++ b/docker-compose.local.yml
@@ -40,6 +40,7 @@ services:
       - PUMA_MAX_THREADS=5
       - PUMA_WORKERS=4
       - PUMA_PRELOAD_APP=true
+      - RAILS_SESSION_STORE=active_record
     depends_on:
       - app
     volumes:
@@ -70,6 +71,7 @@ services:
       - PUMA_MAX_THREADS=5
       - PUMA_WORKERS=4
       - PUMA_PRELOAD_APP=true
+      - RAILS_SESSION_STORE=active_record
     volumes:
       - shared-volume:/app
     ports: