lib/tynn/session.rb in tynn-2.0.0.beta1 vs lib/tynn/session.rb in tynn-2.0.0.beta2

- old
+ new

@@ -1,7 +1,10 @@
# frozen_string_literal: true
+require "rack/session/cookie"
+require_relative "utils"
+
class Tynn
# Adds simple cookie based session management. You can pass a secret
# token to sign the cookie data, thus unauthorized means can't alter it.
#
# require "tynn"
@@ -75,35 +78,22 @@
def self.setup(app, options = {}) # :nodoc:
secret = options[:secret]
if secret.nil?
- raise Tynn::Error, <<~MSG
- No secret option provided to Tynn::Session.
-
- Tynn::Session uses a secret token to sign the cookie data, thus
- unauthorized means can't alter it. Please, add the secret option
- to your code:
-
- #{ app }.plugin(Tynn::Session, secret: "__a_long_random_secret__", ...)
-
- If you're sharing your code publicly, make sure the secret key
- is kept private. Knowing the secret allows an attacker to tamper
- the data. You can use environment variables to store the secret:
-
- #{ app }.plugin(Tynn::Session, secret: ENV.fetch("SESSION_SECRET"), ...)
- MSG
+ Tynn::Utils.raise_error(
+ "Secret key is required",
+ error: ArgumentError,
+ tag: :no_secret_key
+ )
end
if secret.length < SECRET_MIN_LENGTH
- raise Tynn::Error, <<~MSG
- The secret provided is shorter than the minimum length.
-
- Make sure the secret is long and all random. You can generate a
- secure secret key with:
-
- $ ruby -r securerandom -e "puts SecureRandom.hex(64)"
- MSG
+ Tynn::Utils.raise_error(
+ "Secret key is shorter than #{ SECRET_MIN_LENGTH } characters",
+ error: ArgumentError,
+ tag: :short_secret_key
+ )
end
app.use(Rack::Session::Cookie, {
coder: Rack::Session::Cookie::Base64::JSON.new,
hmac: OpenSSL::Digest::SHA256,
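Review bot: The `secret.length < SECRET_MIN_LENGTH` check in `self.setup` is only a length floor, so a long but predictable string still passes, and the shortened messages no longer tell the operator how to generate a suitable key or to keep it out of the source tree. Unless the `tag:` values resolve to documentation carrying that guidance (not visible here), I would keep one actionable line, e.g. `"Secret key is shorter than #{ SECRET_MIN_LENGTH } characters; generate one with SecureRandom.hex(64)"`. The switch from `Tynn::Error` to `ArgumentError` also changes what callers must rescue, assuming `Tynn::Utils.raise_error` raises the class it is given. A non-String `secret` with no `length` method would raise NoMethodError at the second check rather than a tagged error. `self.setup` continues past the end of the hunk.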