Methods
Classes and Modules
Class ActionController::Session::AbstractStore::SessionHashConstants
ENV_SESSION_KEY | = | 'rack.session'.freeze |
ENV_SESSION_OPTIONS_KEY | = | 'rack.session.options'.freeze |
HTTP_COOKIE | = | 'HTTP_COOKIE'.freeze |
SET_COOKIE | = | 'Set-Cookie'.freeze |
DEFAULT_OPTIONS | = | { :key => '_session_id', :path => '/', :domain => nil, :expire_after => nil, :secure => false, :httponly => true, :cookie_only => true |
Public Class methods
[ show source ]
# File actionpack/lib/action_controller/session/abstract_store.rb, line 97 97: def initialize(app, options = {}) 98: # Process legacy CGI options 99: options = options.symbolize_keys 100: if options.has_key?(:session_path) 101: ActiveSupport::Deprecation.warn "Giving :session_path to SessionStore is deprecated, " << 102: "please use :path instead", caller 103: options[:path] = options.delete(:session_path) 104: end 105: if options.has_key?(:session_key) 106: ActiveSupport::Deprecation.warn "Giving :session_key to SessionStore is deprecated, " << 107: "please use :key instead", caller 108: options[:key] = options.delete(:session_key) 109: end 110: if options.has_key?(:session_http_only) 111: ActiveSupport::Deprecation.warn "Giving :session_http_only to SessionStore is deprecated, " << 112: "please use :httponly instead", caller 113: options[:httponly] = options.delete(:session_http_only) 114: end 115: 116: @app = app 117: @default_options = DEFAULT_OPTIONS.merge(options) 118: @key = @default_options[:key] 119: @cookie_only = @default_options[:cookie_only] 120: end
Public Instance methods
[ show source ]
# File actionpack/lib/action_controller/session/abstract_store.rb, line 122 122: def call(env) 123: session = SessionHash.new(self, env) 124: 125: env[ENV_SESSION_KEY] = session 126: env[ENV_SESSION_OPTIONS_KEY] = @default_options.dup 127: 128: response = @app.call(env) 129: 130: session_data = env[ENV_SESSION_KEY] 131: options = env[ENV_SESSION_OPTIONS_KEY] 132: 133: if !session_data.is_a?(AbstractStore::SessionHash) || session_data.send(:loaded?) || options[:expire_after] 134: session_data.send(:load!) if session_data.is_a?(AbstractStore::SessionHash) && !session_data.send(:loaded?) 135: 136: sid = options[:id] || generate_sid 137: 138: unless set_session(env, sid, session_data.to_hash) 139: return response 140: end 141: 142: cookie = Rack::Utils.escape(@key) + '=' + Rack::Utils.escape(sid) 143: cookie << "; domain=#{options[:domain]}" if options[:domain] 144: cookie << "; path=#{options[:path]}" if options[:path] 145: if options[:expire_after] 146: expiry = Time.now + options[:expire_after] 147: cookie << "; expires=#{expiry.httpdate}" 148: end 149: cookie << "; Secure" if options[:secure] 150: cookie << "; HttpOnly" if options[:httponly] 151: 152: headers = response[1] 153: unless headers[SET_COOKIE].blank? 154: headers[SET_COOKIE] << "\n#{cookie}" 155: else 156: headers[SET_COOKIE] = cookie 157: end 158: end 159: 160: response 161: end