Fix renew feature on cookies.

2 files changed, 17 insertions, 1 deletions

diff --git a/actionpack/lib/action_dispatch/middleware/session/cookie_store.rb b/actionpack/lib/action_dispatch/middleware/session/cookie_store.rb
index 9c9ccc62f5..8ebf870b95 100644
--- a/actionpack/lib/action_dispatch/middleware/session/cookie_store.rb
+++ b/actionpack/lib/action_dispatch/middleware/session/cookie_store.rb
@@ -59,7 +59,7 @@ module ActionDispatch
       end
 
       def set_session(env, sid, session_data, options)
-        persistent_session_id!(session_data, sid)
+        session_data.merge("session_id" => sid)
       end
 
       def set_cookie(env, session_id, cookie)
diff --git a/actionpack/test/dispatch/session/cookie_store_test.rb b/actionpack/test/dispatch/session/cookie_store_test.rb
index 27f55fd7ab..b0efbcef4a 100644
--- a/actionpack/test/dispatch/session/cookie_store_test.rb
+++ b/actionpack/test/dispatch/session/cookie_store_test.rb
@@ -50,6 +50,11 @@ class CookieStoreTest < ActionDispatch::IntegrationTest
       get_session_id
     end
 
+    def renew_session_id
+      request.session_options[:renew] = true
+      head :ok
+    end
+
     def rescue_action(e) raise end
   end
 
@@ -102,6 +107,17 @@ class CookieStoreTest < ActionDispatch::IntegrationTest
     end
   end
 
+  def test_properly_renew_cookies
+    with_test_route_set do
+      get '/set_session_value'
+      get '/persistent_session_id'
+      session_id = response.body
+      get '/renew_session_id'
+      get '/persistent_session_id'
+      assert_not_equal response.body, session_id
+    end
+  end
+
   def test_does_set_secure_cookies_over_https
     with_test_route_set(:secure => true) do
       get '/set_session_value', nil, 'HTTPS' => 'on'