Conditionally inject session middleware instead of using session management

author: Joshua Peek <josh@joshpeek.com> 2008-12-18 12:56:18 -0600
committer: Joshua Peek <josh@joshpeek.com> 2008-12-18 12:56:18 -0600
commit: 2e22c7fda00f78db79cb2dcc79495c085035240d (patch)
tree: 92c18edbcab2e2d0733b77604838fe7ee3e53cd5 /actionpack/lib/action_controller/session
parent: 2eb2ec9e635c740684673495ed547d1c0769038d (diff)
download: rails-2e22c7fda00f78db79cb2dcc79495c085035240d.tar.gz
rails-2e22c7fda00f78db79cb2dcc79495c085035240d.tar.bz2
rails-2e22c7fda00f78db79cb2dcc79495c085035240d.zip
2 files changed, 30 insertions, 4 deletions
diff --git a/actionpack/lib/action_controller/session/abstract_store.rb b/actionpack/lib/action_controller/session/abstract_store.rb
index 7874ee5a28..2218152c2c 100644
--- a/actionpack/lib/action_controller/session/abstract_store.rb
+++ b/actionpack/lib/action_controller/session/abstract_store.rb
@@ -60,7 +60,7 @@ module ActionController
       end
 
       DEFAULT_OPTIONS = {
-        :key =>           'rack.session',
+        :key =>           '_session_id',
         :path =>          '/',
         :domain =>        nil,
         :expire_after =>  nil,
@@ -70,6 +70,18 @@ module ActionController
       }
 
       def initialize(app, options = {})
+        # Process legacy CGI options
+        options = options.symbolize_keys
+        if options.has_key?(:session_path)
+          options[:path] = options.delete(:session_path)
+        end
+        if options.has_key?(:session_key)
+          options[:key] = options.delete(:session_key)
+        end
+        if options.has_key?(:session_http_only)
+          options[:httponly] = options.delete(:session_http_only)
+        end
+
         @app = app
         @default_options = DEFAULT_OPTIONS.merge(options)
         @key = @default_options[:key]
diff --git a/actionpack/lib/action_controller/session/cookie_store.rb b/actionpack/lib/action_controller/session/cookie_store.rb
index ce3cf354fd..158c940cc2 100644
--- a/actionpack/lib/action_controller/session/cookie_store.rb
+++ b/actionpack/lib/action_controller/session/cookie_store.rb
@@ -41,9 +41,11 @@ module ActionController
       SECRET_MIN_LENGTH = 30 # characters
 
       DEFAULT_OPTIONS = {
-        :domain => nil,
-        :path => "/",
-        :expire_after => nil
+        :key          => '_session_id',
+        :domain       => nil,
+        :path         => "/",
+        :expire_after => nil,
+        :httponly     => false
       }.freeze
 
       ENV_SESSION_KEY = "rack.session".freeze
@@ -56,6 +58,18 @@ module ActionController
       def initialize(app, options = {})
         options = options.dup
 
+        # Process legacy CGI options
+        options = options.symbolize_keys
+        if options.has_key?(:session_path)
+          options[:path] = options.delete(:session_path)
+        end
+        if options.has_key?(:session_key)
+          options[:key] = options.delete(:session_key)
+        end
+        if options.has_key?(:session_http_only)
+          options[:httponly] = options.delete(:session_http_only)
+        end
+
         @app = app
 
         # The session_key option is required.
author	Joshua Peek <josh@joshpeek.com>	2008-12-18 12:56:18 -0600
committer	Joshua Peek <josh@joshpeek.com>	2008-12-18 12:56:18 -0600
commit	2e22c7fda00f78db79cb2dcc79495c085035240d (patch)
tree	92c18edbcab2e2d0733b77604838fe7ee3e53cd5 /actionpack/lib/action_controller/session
parent	2eb2ec9e635c740684673495ed547d1c0769038d (diff)
download	rails-2e22c7fda00f78db79cb2dcc79495c085035240d.tar.gz rails-2e22c7fda00f78db79cb2dcc79495c085035240d.tar.bz2 rails-2e22c7fda00f78db79cb2dcc79495c085035240d.zip