49 lines
1.8 KiB
Ruby
49 lines
1.8 KiB
Ruby
# frozen_string_literal: true
|
|
|
|
module CacheConcern
|
|
extend ActiveSupport::Concern
|
|
|
|
class_methods do
|
|
def vary_by(value, **kwargs)
|
|
before_action(**kwargs) do |controller|
|
|
response.headers['Vary'] = value.respond_to?(:call) ? controller.instance_exec(&value) : value
|
|
end
|
|
end
|
|
end
|
|
|
|
included do
|
|
after_action :enforce_cache_control!
|
|
end
|
|
|
|
# Prevents high-entropy headers such as `Cookie`, `Signature` or `Authorization`
|
|
# from being used as cache keys, while allowing to `Vary` on them (to not serve
|
|
# anonymous cached data to authenticated requests when authentication matters)
|
|
def enforce_cache_control!
|
|
vary = response.headers['Vary']&.split&.map { |x| x.strip.downcase }
|
|
return unless vary.present? && %w(cookie authorization signature).any? { |header| vary.include?(header) && request.headers[header].present? }
|
|
|
|
response.cache_control.replace(private: true, no_store: true)
|
|
end
|
|
|
|
def render_with_cache(**options)
|
|
raise ArgumentError, 'Only JSON render calls are supported' unless options.key?(:json) || block_given?
|
|
|
|
key = options.delete(:key) || [[params[:controller], params[:action]].join('/'), options[:json].respond_to?(:cache_key) ? options[:json].cache_key : nil, options[:fields]&.join(',')].compact.join(':')
|
|
expires_in = options.delete(:expires_in) || 3.minutes
|
|
body = Rails.cache.read(key, raw: true)
|
|
|
|
if body
|
|
render(options.except(:json, :serializer, :each_serializer, :adapter, :fields).merge(json: body))
|
|
else
|
|
if block_given?
|
|
options[:json] = yield
|
|
elsif options[:json].is_a?(Symbol)
|
|
options[:json] = send(options[:json])
|
|
end
|
|
|
|
render(options)
|
|
Rails.cache.write(key, response.body, expires_in: expires_in, raw: true)
|
|
end
|
|
end
|
|
end
|