Class | ActionController::Session::AbstractStore |
In: |
vendor/rails/actionpack/lib/action_controller/session/abstract_store.rb
|
Parent: | Object |
ENV_SESSION_KEY | = | 'rack.session'.freeze |
ENV_SESSION_OPTIONS_KEY | = | 'rack.session.options'.freeze |
HTTP_COOKIE | = | 'HTTP_COOKIE'.freeze |
SET_COOKIE | = | 'Set-Cookie'.freeze |
DEFAULT_OPTIONS | = | { :key => '_session_id', :path => '/', :domain => nil, :expire_after => nil, :secure => false, :httponly => true, :cookie_only => true |
# File vendor/rails/actionpack/lib/action_controller/session/abstract_store.rb, line 97 97: def initialize(app, options = {}) 98: # Process legacy CGI options 99: options = options.symbolize_keys 100: if options.has_key?(:session_path) 101: options[:path] = options.delete(:session_path) 102: end 103: if options.has_key?(:session_key) 104: options[:key] = options.delete(:session_key) 105: end 106: if options.has_key?(:session_http_only) 107: options[:httponly] = options.delete(:session_http_only) 108: end 109: 110: @app = app 111: @default_options = DEFAULT_OPTIONS.merge(options) 112: @key = @default_options[:key] 113: @cookie_only = @default_options[:cookie_only] 114: end
# File vendor/rails/actionpack/lib/action_controller/session/abstract_store.rb, line 116 116: def call(env) 117: session = SessionHash.new(self, env) 118: 119: env[ENV_SESSION_KEY] = session 120: env[ENV_SESSION_OPTIONS_KEY] = @default_options.dup 121: 122: response = @app.call(env) 123: 124: session_data = env[ENV_SESSION_KEY] 125: options = env[ENV_SESSION_OPTIONS_KEY] 126: 127: if !session_data.is_a?(AbstractStore::SessionHash) || session_data.send(:loaded?) || options[:expire_after] 128: session_data.send(:load!) if session_data.is_a?(AbstractStore::SessionHash) && !session_data.send(:loaded?) 129: 130: sid = options[:id] || generate_sid 131: 132: unless set_session(env, sid, session_data.to_hash) 133: return response 134: end 135: 136: cookie = Rack::Utils.escape(@key) + '=' + Rack::Utils.escape(sid) 137: cookie << "; domain=#{options[:domain]}" if options[:domain] 138: cookie << "; path=#{options[:path]}" if options[:path] 139: if options[:expire_after] 140: expiry = Time.now + options[:expire_after] 141: cookie << "; expires=#{expiry.httpdate}" 142: end 143: cookie << "; Secure" if options[:secure] 144: cookie << "; HttpOnly" if options[:httponly] 145: 146: headers = response[1] 147: unless headers[SET_COOKIE].blank? 148: headers[SET_COOKIE] << "\n#{cookie}" 149: else 150: headers[SET_COOKIE] = cookie 151: end 152: end 153: 154: response 155: end