aboutsummaryrefslogtreecommitdiffstats
path: root/actionpack/lib/action_controller
diff options
context:
space:
mode:
authorJoshua Peek <josh@joshpeek.com>2008-12-18 12:56:18 -0600
committerJoshua Peek <josh@joshpeek.com>2008-12-18 12:56:18 -0600
commit2e22c7fda00f78db79cb2dcc79495c085035240d (patch)
tree92c18edbcab2e2d0733b77604838fe7ee3e53cd5 /actionpack/lib/action_controller
parent2eb2ec9e635c740684673495ed547d1c0769038d (diff)
downloadrails-2e22c7fda00f78db79cb2dcc79495c085035240d.tar.gz
rails-2e22c7fda00f78db79cb2dcc79495c085035240d.tar.bz2
rails-2e22c7fda00f78db79cb2dcc79495c085035240d.zip
Conditionally inject session middleware instead of using session management
Diffstat (limited to 'actionpack/lib/action_controller')
-rw-r--r--actionpack/lib/action_controller/dispatcher.rb17
-rw-r--r--actionpack/lib/action_controller/middleware_stack.rb16
-rw-r--r--actionpack/lib/action_controller/session/abstract_store.rb14
-rw-r--r--actionpack/lib/action_controller/session/cookie_store.rb20
-rw-r--r--actionpack/lib/action_controller/session_management.rb29
5 files changed, 55 insertions, 41 deletions
diff --git a/actionpack/lib/action_controller/dispatcher.rb b/actionpack/lib/action_controller/dispatcher.rb
index aa00eecea7..f0897d98b2 100644
--- a/actionpack/lib/action_controller/dispatcher.rb
+++ b/actionpack/lib/action_controller/dispatcher.rb
@@ -44,9 +44,22 @@ module ActionController
cattr_accessor :middleware
self.middleware = MiddlewareStack.new do |middleware|
- middleware.use "ActionController::Lock", :if => lambda { !ActionController::Base.allow_concurrency }
+ middleware.use "ActionController::Lock", :if => lambda {
+ !ActionController::Base.allow_concurrency
+ }
middleware.use "ActionController::Failsafe"
- middleware.use "ActionController::SessionManagement::Middleware"
+
+ ["ActionController::Session::CookieStore",
+ "ActionController::Session::MemCacheStore",
+ "ActiveRecord::SessionStore"].each do |store|
+ middleware.use(store, ActionController::Base.session_options,
+ :if => lambda {
+ if session_store = ActionController::Base.session_store
+ session_store.name == store
+ end
+ }
+ )
+ end
end
include ActiveSupport::Callbacks
diff --git a/actionpack/lib/action_controller/middleware_stack.rb b/actionpack/lib/action_controller/middleware_stack.rb
index ba99f77b81..74f28565c0 100644
--- a/actionpack/lib/action_controller/middleware_stack.rb
+++ b/actionpack/lib/action_controller/middleware_stack.rb
@@ -1,14 +1,10 @@
module ActionController
class MiddlewareStack < Array
class Middleware
- attr_reader :klass, :args, :block
+ attr_reader :args, :block
def initialize(klass, *args, &block)
- if klass.is_a?(Class)
- @klass = klass
- else
- @klass = klass.to_s.constantize
- end
+ @klass = klass
options = args.extract_options!
if options.has_key?(:if)
@@ -22,6 +18,14 @@ module ActionController
@block = block
end
+ def klass
+ if @klass.is_a?(Class)
+ @klass
+ else
+ @klass.to_s.constantize
+ end
+ end
+
def active?
if @conditional.respond_to?(:call)
@conditional.call
diff --git a/actionpack/lib/action_controller/session/abstract_store.rb b/actionpack/lib/action_controller/session/abstract_store.rb
index 7874ee5a28..2218152c2c 100644
--- a/actionpack/lib/action_controller/session/abstract_store.rb
+++ b/actionpack/lib/action_controller/session/abstract_store.rb
@@ -60,7 +60,7 @@ module ActionController
end
DEFAULT_OPTIONS = {
- :key => 'rack.session',
+ :key => '_session_id',
:path => '/',
:domain => nil,
:expire_after => nil,
@@ -70,6 +70,18 @@ module ActionController
}
def initialize(app, options = {})
+ # Process legacy CGI options
+ options = options.symbolize_keys
+ if options.has_key?(:session_path)
+ options[:path] = options.delete(:session_path)
+ end
+ if options.has_key?(:session_key)
+ options[:key] = options.delete(:session_key)
+ end
+ if options.has_key?(:session_http_only)
+ options[:httponly] = options.delete(:session_http_only)
+ end
+
@app = app
@default_options = DEFAULT_OPTIONS.merge(options)
@key = @default_options[:key]
diff --git a/actionpack/lib/action_controller/session/cookie_store.rb b/actionpack/lib/action_controller/session/cookie_store.rb
index ce3cf354fd..158c940cc2 100644
--- a/actionpack/lib/action_controller/session/cookie_store.rb
+++ b/actionpack/lib/action_controller/session/cookie_store.rb
@@ -41,9 +41,11 @@ module ActionController
SECRET_MIN_LENGTH = 30 # characters
DEFAULT_OPTIONS = {
- :domain => nil,
- :path => "/",
- :expire_after => nil
+ :key => '_session_id',
+ :domain => nil,
+ :path => "/",
+ :expire_after => nil,
+ :httponly => false
}.freeze
ENV_SESSION_KEY = "rack.session".freeze
@@ -56,6 +58,18 @@ module ActionController
def initialize(app, options = {})
options = options.dup
+ # Process legacy CGI options
+ options = options.symbolize_keys
+ if options.has_key?(:session_path)
+ options[:path] = options.delete(:session_path)
+ end
+ if options.has_key?(:session_key)
+ options[:key] = options.delete(:session_key)
+ end
+ if options.has_key?(:session_http_only)
+ options[:httponly] = options.delete(:session_http_only)
+ end
+
@app = app
# The session_key option is required.
diff --git a/actionpack/lib/action_controller/session_management.rb b/actionpack/lib/action_controller/session_management.rb
index a9989d8198..f06a0da75c 100644
--- a/actionpack/lib/action_controller/session_management.rb
+++ b/actionpack/lib/action_controller/session_management.rb
@@ -6,35 +6,6 @@ module ActionController #:nodoc:
end
end
- class Middleware
- DEFAULT_OPTIONS = {
- :path => "/",
- :key => "_session_id",
- :httponly => true,
- }.freeze
-
- def self.new(app)
- cgi_options = ActionController::Base.session_options
- options = cgi_options.symbolize_keys
- options = DEFAULT_OPTIONS.merge(options)
- if options.has_key?(:session_path)
- options[:path] = options.delete(:session_path)
- end
- if options.has_key?(:session_key)
- options[:key] = options.delete(:session_key)
- end
- if options.has_key?(:session_http_only)
- options[:httponly] = options.delete(:session_http_only)
- end
-
- if store = ActionController::Base.session_store
- store.new(app, options)
- else # Sessions disabled
- lambda { |env| app.call(env) }
- end
- end
- end
-
module ClassMethods
# Set the session store to be used for keeping the session data between requests.
# By default, sessions are stored in browser cookies (<tt>:cookie_store</tt>),