diff options
author | Michael Lovitt <michael@lovitt.net> | 2010-06-22 09:55:50 -0400 |
---|---|---|
committer | Jeremy Kemper <jeremy@bitsweat.net> | 2010-06-23 11:56:35 -0700 |
commit | 49f52c3d910c8f183afc3a54ea2ae9667f23085e (patch) | |
tree | 410bc3c8fb8921397547c33fd8661f2015065946 /actionpack/lib/action_dispatch/middleware/session/cookie_store.rb | |
parent | 0bf3baa6b3d216c6340f8d3b5d0a3ebc093e969a (diff) | |
download | rails-49f52c3d910c8f183afc3a54ea2ae9667f23085e.tar.gz rails-49f52c3d910c8f183afc3a54ea2ae9667f23085e.tar.bz2 rails-49f52c3d910c8f183afc3a54ea2ae9667f23085e.zip |
Sessions should not be created until written to and session data should be destroyed on reset.
[#4938]
Signed-off-by: Jeremy Kemper <jeremy@bitsweat.net>
Diffstat (limited to 'actionpack/lib/action_dispatch/middleware/session/cookie_store.rb')
-rw-r--r-- | actionpack/lib/action_dispatch/middleware/session/cookie_store.rb | 39 |
1 files changed, 21 insertions, 18 deletions
diff --git a/actionpack/lib/action_dispatch/middleware/session/cookie_store.rb b/actionpack/lib/action_dispatch/middleware/session/cookie_store.rb index 92a86ee229..7c5626735b 100644 --- a/actionpack/lib/action_dispatch/middleware/session/cookie_store.rb +++ b/actionpack/lib/action_dispatch/middleware/session/cookie_store.rb @@ -39,16 +39,6 @@ module ActionDispatch # # Note that changing digest or secret invalidates all existing sessions! class CookieStore < AbstractStore - class OptionsHash < Hash - def initialize(by, env, default_options) - @session_data = env[AbstractStore::ENV_SESSION_KEY] - merge!(default_options) - end - - def [](key) - key == :id ? @session_data[:session_id] : super(key) - end - end def initialize(app, options = {}) super(app, options.merge!(:cookie_only => true)) @@ -57,19 +47,28 @@ module ActionDispatch private - def prepare!(env) - env[ENV_SESSION_KEY] = SessionHash.new(self, env) - env[ENV_SESSION_OPTIONS_KEY] = OptionsHash.new(self, env, @default_options) - end - def load_session(env) - request = ActionDispatch::Request.new(env) - data = request.cookie_jar.signed[@key] + data = unpacked_cookie_data(env) data = persistent_session_id!(data) - data.stringify_keys! [data["session_id"], data] end + def extract_session_id(env) + if data = unpacked_cookie_data(env) + data["session_id"] + else + nil + end + end + + def unpacked_cookie_data(env) + request = ActionDispatch::Request.new(env) + if data = request.cookie_jar.signed[@key] + data.stringify_keys! + end + data + end + def set_cookie(request, options) request.cookie_jar.signed[@key] = options end @@ -78,6 +77,10 @@ module ActionDispatch persistent_session_id!(session_data, sid) end + def destroy(env) + # session data is stored on client; nothing to do here + end + def persistent_session_id!(data, sid=nil) data ||= {} data["session_id"] ||= sid || generate_sid |