mastodon-glitch/app/controllers/concerns/cache_concern.rb

# frozen_string_literal: true

module CacheConcern
  extend ActiveSupport::Concern

  class_methods do
    def vary_by(value, **kwargs)
      before_action(**kwargs) do |controller|
        response.headers['Vary'] = value.respond_to?(:call) ? controller.instance_exec(&value) : value
      end
    end
  end

  included do
    after_action :enforce_cache_control!
  end

  # Prevents high-entropy headers such as `Cookie`, `Signature` or `Authorization`
  # from being used as cache keys, while allowing to `Vary` on them (to not serve
  # anonymous cached data to authenticated requests when authentication matters)
  def enforce_cache_control!
    vary = response.headers['Vary']&.split&.map { |x| x.strip.downcase }
    return unless vary.present? && %w(cookie authorization signature).any? { |header| vary.include?(header) && request.headers[header].present? }

    response.cache_control.replace(private: true, no_store: true)
  end

  def render_with_cache(**options)
    raise ArgumentError, 'Only JSON render calls are supported' unless options.key?(:json) || block_given?

    key        = options.delete(:key) || [[params[:controller], params[:action]].join('/'), options[:json].respond_to?(:cache_key) ? options[:json].cache_key : nil, options[:fields].nil? ? nil : options[:fields].join(',')].compact.join(':')
    expires_in = options.delete(:expires_in) || 3.minutes
    body       = Rails.cache.read(key, raw: true)

    if body
      render(options.except(:json, :serializer, :each_serializer, :adapter, :fields).merge(json: body))
    else
      if block_given?
        options[:json] = yield
      elsif options[:json].is_a?(Symbol)
        options[:json] = send(options[:json])
      end

      render(options)
      Rails.cache.write(key, response.body, expires_in: expires_in, raw: true)
    end
  end
end
Add (back) rails-level JSON caching (#11333) 2019-07-21 20:32:16 +00:00			`# frozen_string_literal: true`

			`module CacheConcern`
			`extend ActiveSupport::Concern`

Refactor `Cache-Control` and `Vary` definitions (#24347) 2023-04-19 14:07:29 +00:00			`class_methods do`
Fix /api/v1/instance/domain_blocks being unconditionally cached (#24662) 2023-04-26 09:42:47 +00:00			`def vary_by(value, **kwargs)`
			`before_action(**kwargs) do \|controller\|`
Refactor `Cache-Control` and `Vary` definitions (#24347) 2023-04-19 14:07:29 +00:00			`response.headers['Vary'] = value.respond_to?(:call) ? controller.instance_exec(&value) : value`
			`end`
			`end`
			`end`

Fix caching logic with regards to Accept-Language, Cookie, and Signature (#24604) 2023-04-23 20:27:24 +00:00			`included do`
			`after_action :enforce_cache_control!`
			`end`

			# Prevents high-entropy headers such as `Cookie`, `Signature` or `Authorization`
			# from being used as cache keys, while allowing to `Vary` on them (to not serve
			`# anonymous cached data to authenticated requests when authentication matters)`
			`def enforce_cache_control!`
			`vary = response.headers['Vary']&.split&.map { \|x\| x.strip.downcase }`
			`return unless vary.present? && %w(cookie authorization signature).any? { \|header\| vary.include?(header) && request.headers[header].present? }`

			`response.cache_control.replace(private: true, no_store: true)`
			`end`

Add (back) rails-level JSON caching (#11333) 2019-07-21 20:32:16 +00:00			`def render_with_cache(**options)`
Refactor `Cache-Control` and `Vary` definitions (#24347) 2023-04-19 14:07:29 +00:00			`raise ArgumentError, 'Only JSON render calls are supported' unless options.key?(:json) \|\| block_given?`
Add (back) rails-level JSON caching (#11333) 2019-07-21 20:32:16 +00:00
			`key = options.delete(:key) \|\| [[params[:controller], params[:action]].join('/'), options[:json].respond_to?(:cache_key) ? options[:json].cache_key : nil, options[:fields].nil? ? nil : options[:fields].join(',')].compact.join(':')`
			`expires_in = options.delete(:expires_in) \|\| 3.minutes`
			`body = Rails.cache.read(key, raw: true)`

			`if body`
			`render(options.except(:json, :serializer, :each_serializer, :adapter, :fields).merge(json: body))`
			`else`
			`if block_given?`
			`options[:json] = yield`
			`elsif options[:json].is_a?(Symbol)`
			`options[:json] = send(options[:json])`
			`end`

			`render(options)`
			`Rails.cache.write(key, response.body, expires_in: expires_in, raw: true)`
			`end`
			`end`
			`end`