| Class | ActionController::Session::AbstractStore |
| In: |
vendor/rails/actionpack/lib/action_controller/session/abstract_store.rb
|
| Parent: | Object |
| ENV_SESSION_KEY | = | 'rack.session'.freeze |
| ENV_SESSION_OPTIONS_KEY | = | 'rack.session.options'.freeze |
| HTTP_COOKIE | = | 'HTTP_COOKIE'.freeze |
| SET_COOKIE | = | 'Set-Cookie'.freeze |
| DEFAULT_OPTIONS | = | { :key => '_session_id', :path => '/', :domain => nil, :expire_after => nil, :secure => false, :httponly => true, :cookie_only => true } |
# File vendor/rails/actionpack/lib/action_controller/session/abstract_store.rb, line 97
# Wraps +app+ in the session middleware and fixes the default cookie options.
#
# +options+ is replaced by the result of +symbolize_keys+, then the legacy
# CGI-style option names are renamed to their current equivalents:
#
#   :session_path      -> :path
#   :session_key       -> :key
#   :session_http_only -> :httponly
#
# When a legacy name is present, its value overwrites anything passed under
# the current name. The result is merged over DEFAULT_OPTIONS.
#
# Security note: DEFAULT_OPTIONS sets :httponly => true and :secure => false.
# A caller can override either one here, and the Secure attribute is only
# emitted when :secure is set. A site served over HTTPS has to pass
# :secure => true explicitly to keep the session cookie off plain HTTP.
def initialize(app, options = {})
  options = options.symbolize_keys

  # Legacy CGI option name paired with the name used today.
  [
    [:session_path, :path],
    [:session_key, :key],
    [:session_http_only, :httponly]
  ].each do |legacy_name, current_name|
    next unless options.has_key?(legacy_name)
    options[current_name] = options.delete(legacy_name)
  end

  @app             = app
  @default_options = DEFAULT_OPTIONS.merge(options)
  @key             = @default_options[:key]
  # Stored for use elsewhere in the class; not read in the methods shown here.
  @cookie_only     = @default_options[:cookie_only]
end
# File vendor/rails/actionpack/lib/action_controller/session/abstract_store.rb, line 116
# Rack entry point. Installs a SessionHash and a copy of the default options
# in +env+, runs the wrapped application, then persists the session and adds
# the session cookie to the response.
#
# The session is written, and the cookie set, when any of these holds after
# the application returns:
#   * env[ENV_SESSION_KEY] is no longer an AbstractStore::SessionHash,
#   * the SessionHash reports itself as loaded, or
#   * options[:expire_after] is set (the cookie expiry is refreshed).
# Otherwise the response is returned untouched. It is also returned without
# a cookie when +set_session+ returns a false value.
#
# Security notes for reviewers:
#   * The cookie name and session id go through Rack::Utils.escape, but
#     options[:domain] and options[:path] are interpolated as-is. The options
#     are re-read from env after the application has run, so code that
#     changes them per request must only use trusted values.
#   * "; Secure" and "; HttpOnly" are appended only when the corresponding
#     option is truthy; DEFAULT_OPTIONS has :secure => false.
#   * options[:id] is reused when present; a new id is generated only when it
#     is absent. NOTE(review): where options[:id] is populated is not visible
#     here. Confirm that the session id is rotated on privilege change.
#
# Returns the Rack response triple from the wrapped application. Its headers
# hash is modified in place when a cookie is added.
def call(env)
  env[ENV_SESSION_KEY] = SessionHash.new(self, env)
  env[ENV_SESSION_OPTIONS_KEY] = @default_options.dup

  response = @app.call(env)

  # Read both back from env: the application may have replaced or changed them.
  session_data = env[ENV_SESSION_KEY]
  options = env[ENV_SESSION_OPTIONS_KEY]
  lazy_session = session_data.is_a?(AbstractStore::SessionHash)

  # A lazy session that was never loaded, with no expiry to refresh, needs no write.
  if lazy_session && !session_data.send(:loaded?) && !options[:expire_after]
    return response
  end

  # Only reached unloaded when :expire_after is set; load before persisting.
  session_data.send(:load!) if lazy_session && !session_data.send(:loaded?)

  sid = options[:id] || generate_sid
  return response unless set_session(env, sid, session_data.to_hash)

  cookie = Rack::Utils.escape(@key) + '=' + Rack::Utils.escape(sid)
  # domain and path are not escaped, unlike the name and value above.
  cookie << "; domain=#{options[:domain]}" if options[:domain]
  cookie << "; path=#{options[:path]}" if options[:path]
  if options[:expire_after]
    expiry = Time.now + options[:expire_after]
    cookie << "; expires=#{expiry.httpdate}"
  end
  cookie << "; Secure" if options[:secure]
  cookie << "; HttpOnly" if options[:httponly]

  # Append to an existing Set-Cookie value, newline-separated, or start one.
  headers = response[1]
  if headers[SET_COOKIE].blank?
    headers[SET_COOKIE] = cookie
  else
    headers[SET_COOKIE] << "\n#{cookie}"
  end

  response
end