Class: ActionController::Session::AbstractStore

Methods

call
new

Classes and Modules

Class ActionController::Session::AbstractStore::SessionHash

Constants

ENV_SESSION_KEY	=	'rack.session'.freeze
ENV_SESSION_OPTIONS_KEY	=	'rack.session.options'.freeze
HTTP_COOKIE	=	'HTTP_COOKIE'.freeze
SET_COOKIE	=	'Set-Cookie'.freeze
DEFAULT_OPTIONS	=	{ :key => '_session_id', :path => '/', :domain => nil, :expire_after => nil, :secure => false, :httponly => true, :cookie_only => true

Public Class methods

new(app, options = {})

[ show source ]

     # File actionpack/lib/action_controller/session/abstract_store.rb, line 97
 97:       def initialize(app, options = {})
 98:         # Process legacy CGI options
 99:         options = options.symbolize_keys
100:         if options.has_key?(:session_path)
101:           ActiveSupport::Deprecation.warn "Giving :session_path to SessionStore is deprecated, " <<
102:             "please use :path instead", caller
103:           options[:path] = options.delete(:session_path)
104:         end
105:         if options.has_key?(:session_key)
106:           ActiveSupport::Deprecation.warn "Giving :session_key to SessionStore is deprecated, " <<
107:             "please use :key instead", caller
108:           options[:key] = options.delete(:session_key)
109:         end
110:         if options.has_key?(:session_http_only)
111:           ActiveSupport::Deprecation.warn "Giving :session_http_only to SessionStore is deprecated, " <<
112:             "please use :httponly instead", caller
113:           options[:httponly] = options.delete(:session_http_only)
114:         end
115: 
116:         @app = app
117:         @default_options = DEFAULT_OPTIONS.merge(options)
118:         @key = @default_options[:key]
119:         @cookie_only = @default_options[:cookie_only]
120:       end

Public Instance methods

call(env)

[ show source ]

     # File actionpack/lib/action_controller/session/abstract_store.rb, line 122
122:       def call(env)
123:         session = SessionHash.new(self, env)
124: 
125:         env[ENV_SESSION_KEY] = session
126:         env[ENV_SESSION_OPTIONS_KEY] = @default_options.dup
127: 
128:         response = @app.call(env)
129: 
130:         session_data = env[ENV_SESSION_KEY]
131:         options = env[ENV_SESSION_OPTIONS_KEY]
132: 
133:         if !session_data.is_a?(AbstractStore::SessionHash) || session_data.send(:loaded?) || options[:expire_after]
134:           session_data.send(:load!) if session_data.is_a?(AbstractStore::SessionHash) && !session_data.send(:loaded?)
135: 
136:           sid = options[:id] || generate_sid
137: 
138:           unless set_session(env, sid, session_data.to_hash)
139:             return response
140:           end
141: 
142:           cookie = Rack::Utils.escape(@key) + '=' + Rack::Utils.escape(sid)
143:           cookie << "; domain=#{options[:domain]}" if options[:domain]
144:           cookie << "; path=#{options[:path]}" if options[:path]
145:           if options[:expire_after]
146:             expiry = Time.now + options[:expire_after]
147:             cookie << "; expires=#{expiry.httpdate}"
148:           end
149:           cookie << "; Secure" if options[:secure]
150:           cookie << "; HttpOnly" if options[:httponly]
151: 
152:           headers = response[1]
153:           unless headers[SET_COOKIE].blank?
154:             headers[SET_COOKIE] << "\n#{cookie}"
155:           else
156:             headers[SET_COOKIE] = cookie
157:           end
158:         end
159: 
160:         response
161:       end