diff options
author | Santiago Pastorino <santiago@wyeworks.com> | 2012-11-15 12:17:25 -0800 |
---|---|---|
committer | Santiago Pastorino <santiago@wyeworks.com> | 2012-11-15 12:17:25 -0800 |
commit | ef8b845de7e06077131297a398cb7f4e81d6bb08 (patch) | |
tree | b1e54d87132a561f1a5ad4b61a2eea28de4b26dc /actionpack/lib/action_dispatch/middleware/session/cookie_store.rb | |
parent | cf3eb6dab0e89ea6b64b9bdb24d4df3e8006da7b (diff) | |
parent | d63783983f8c03d5c624938081615579dcc753f7 (diff) | |
download | rails-ef8b845de7e06077131297a398cb7f4e81d6bb08.tar.gz rails-ef8b845de7e06077131297a398cb7f4e81d6bb08.tar.bz2 rails-ef8b845de7e06077131297a398cb7f4e81d6bb08.zip |
Merge pull request #8112 from rails/encrypted_cookies
Encrypted cookies
Diffstat (limited to 'actionpack/lib/action_dispatch/middleware/session/cookie_store.rb')
-rw-r--r-- | actionpack/lib/action_dispatch/middleware/session/cookie_store.rb | 23 |
1 files changed, 20 insertions, 3 deletions
diff --git a/actionpack/lib/action_dispatch/middleware/session/cookie_store.rb b/actionpack/lib/action_dispatch/middleware/session/cookie_store.rb index 3f28ea75ef..039846688e 100644 --- a/actionpack/lib/action_dispatch/middleware/session/cookie_store.rb +++ b/actionpack/lib/action_dispatch/middleware/session/cookie_store.rb @@ -57,8 +57,7 @@ module ActionDispatch def unpacked_cookie_data(env) env["action_dispatch.request.unsigned_session_cookie"] ||= begin stale_session_check! do - request = ActionDispatch::Request.new(env) - if data = request.cookie_jar.signed[@key] + if data = cookie_jar(env)[@key] data.stringify_keys! end data || {} @@ -72,8 +71,26 @@ module ActionDispatch end def set_cookie(env, session_id, cookie) + cookie_jar(env)[@key] = cookie + end + + def get_cookie + cookie_jar(env)[@key] + end + + def cookie_jar(env) + request = ActionDispatch::Request.new(env) + request.cookie_jar.signed + end + end + + class EncryptedCookieStore < CookieStore + + private + + def cookie_jar(env) request = ActionDispatch::Request.new(env) - request.cookie_jar.signed[@key] = cookie + request.cookie_jar.encrypted end end end |