Add supprt for new Rails 5.2 aes-256-gcm cookies

config/dev.yml

@@ -0,0 +1,114 @@
+title: Super Graph Development
+host_port: 0.0.0.0:8080
+web_ui: true
+debug_level: 1
+enable_tracing: true
+
+# Throw a 401 on auth failure for queries that need auth
+# valid values: always, per_query, never
+auth_fail_block: never
+
+# Postgres related environment Variables
+# SG_DATABASE_HOST
+# SG_DATABASE_PORT
+# SG_DATABASE_USER
+# SG_DATABASE_PASSWORD
+
+# Auth related environment Variables
+# SG_AUTH_RAILS_COOKIE_SECRET_KEY_BASE
+# SG_AUTH_RAILS_REDIS_URL
+# SG_AUTH_RAILS_REDIS_PASSWORD
+# SG_AUTH_JWT_PUBLIC_KEY_FILE
+
+# inflections:
+#   person: people
+#   sheep: sheep
+
+auth: 
+  # Can be 'rails' or 'jwt'
+  type: rails
+  cookie: _app_session
+
+  # Comment this out if you want to disable setting
+  # the user_id via a header. Good for testing
+  header: X-User-ID
+
+  rails:
+    # Rails version this is used for reading the
+    # various cookies formats.
+    version: 5.2
+
+    # Found in 'Rails.application.config.secret_key_base'
+    secret_key_base: 0a248500a64c01184edb4d7ad3a805488f8097ac761b76aaa6c17c01dcb7af03a2f18ba61b2868134b9c7b79a122bc0dadff4367414a2d173297bfea92be5566
+    
+    # Remote cookie store. (memcache or redis)
+    # url: redis://127.0.0.1:6379
+    # password: test
+    # max_idle: 80,
+    # max_active: 12000,
+
+    # In most cases you don't need these
+    # salt: "encrypted cookie"
+    # sign_salt: "signed encrypted cookie"
+    # auth_salt: "authenticated encrypted cookie"
+
+  # jwt:
+  #   provider: auth0
+  #   secret: abc335bfcfdb04e50db5bb0a4d67ab9
+  #   public_key_file: /secrets/public_key.pem
+  #   public_key_type: ecdsa #rsa
+
+
+database:
+  type: postgres
+  host: db
+  port: 5432
+  dbname: app_development
+  user: postgres
+  password: ''
+  #pool_size: 10
+  #max_retries: 0
+  #log_level: "debug" 
+
+  # Define variables here that you want to use in filters 
+  variables:
+    account_id: "select account_id from users where id = $user_id"
+
+  # Define defaults to for the field key and values below
+  defaults:
+    filter: ["{ user_id: { eq: $user_id } }"]
+    
+    # Fields and table names that you wish to block
+    blacklist:
+      - ar_internal_metadata
+      - schema_migrations
+      - secret
+      - password
+      - encrypted
+      - token
+
+  fields:
+    - name: users
+      # This filter will overwrite defaults.filter
+      filter: ["{ id: { eq: $user_id } }"]
+
+    - name: products
+      # Multiple filters are AND'd together
+      filter: [
+        "{ price: { gt: 0 } }",
+        "{ price: { lt: 8 } }"
+      ] 
+
+    - name: customers
+      # No filter is used for this field not 
+      # even defaults.filter
+      filter: none
+
+    - # You can create new fields that have a
+      # real db table backing them
+      name: me
+      table: users
+      filter: ["{ id: { eq: $user_id } }"]
+
+    # - name: posts
+    #   filter: ["{ account_id: { _eq: $account_id } }"]

config/prod.yml

@@ -0,0 +1,113 @@
+title: Super Graph Production
+host_port: 0.0.0.0:8080
+web_ui: false
+debug_level: 0
+enable_tracing: false
+
+# Throw a 401 on auth failure for queries that need auth
+# valid values: always, per_query, never
+auth_fail_block: always
+
+# Postgres related environment Variables
+# SG_DATABASE_HOST
+# SG_DATABASE_PORT
+# SG_DATABASE_USER
+# SG_DATABASE_PASSWORD
+
+# Auth related environment Variables
+# SG_AUTH_RAILS_COOKIE_SECRET_KEY_BASE
+# SG_AUTH_RAILS_REDIS_URL
+# SG_AUTH_RAILS_REDIS_PASSWORD
+# SG_AUTH_JWT_PUBLIC_KEY_FILE
+
+# inflections:
+#   person: people
+#   sheep: sheep
+
+auth: 
+  # Can be 'rails' or 'jwt'
+  type: rails
+  cookie: _app_session
+
+  # Comment this out if you want to disable setting
+  # the user_id via a header. Good for testing
+  header: X-User-ID
+
+  rails:
+    # Rails version this is used for reading the
+    # various cookies formats.
+    version: 5.2
+
+    # Found in 'Rails.application.config.secret_key_base'
+    secret_key_base: 0a248500a64c01184edb4d7ad3a805488f8097ac761b76aaa6c17c01dcb7af03a2f18ba61b2868134b9c7b79a122bc0dadff4367414a2d173297bfea92be5566
+    
+    # Remote cookie store. (memcache or redis)
+    # url: redis://127.0.0.1:6379
+    # password: test
+    # max_idle: 80,
+    # max_active: 12000,
+
+    # In most cases you don't need these
+    # salt: "encrypted cookie"
+    # sign_salt: "signed encrypted cookie"
+    # auth_salt: "authenticated encrypted cookie"
+
+  # jwt:
+  #   provider: auth0
+  #   secret: abc335bfcfdb04e50db5bb0a4d67ab9
+  #   public_key_file: /secrets/public_key.pem
+  #   public_key_type: ecdsa #rsa
+
+database:
+  type: postgres
+  host: db
+  port: 5432
+  dbname: app_development
+  user: postgres
+  password: ''
+  #pool_size: 10
+  #max_retries: 0
+  #log_level: "debug" 
+
+  # Define variables here that you want to use in filters 
+  variables:
+    account_id: "select account_id from users where id = $user_id"
+
+  # Define defaults to for the field key and values below
+  defaults:
+    filter: ["{ user_id: { eq: $user_id } }"]
+    
+    # Fields and table names that you wish to block
+    blacklist:
+      - ar_internal_metadata
+      - schema_migrations
+      - secret
+      - password
+      - encrypted
+      - token
+
+  fields:
+    - name: users
+      # This filter will overwrite defaults.filter
+      filter: ["{ id: { eq: $user_id } }"]
+
+    - name: products
+      # Multiple filters are AND'd together
+      filter: [
+        "{ price: { gt: 0 } }",
+        "{ price: { lt: 8 } }"
+      ] 
+
+    - name: customers
+      # No filter is used for this field not 
+      # even defaults.filter
+      filter: none
+
+    - # You can create new fields that have a
+      # real db table backing them
+      name: me
+      table: users
+      filter: ["{ id: { eq: $user_id } }"]
+
+    # - name: posts
+    #   filter: ["{ account_id: { _eq: $account_id } }"]