use a request object in the session middleware

This commit allows us to use one request object rather than allocating
multiple request objects to deal with the session.

3 files changed, 26 insertions, 22 deletions

diff --git a/actionpack/lib/action_dispatch/middleware/flash.rb b/actionpack/lib/action_dispatch/middleware/flash.rb
index 23da169b22..379e7ffdc5 100644
--- a/actionpack/lib/action_dispatch/middleware/flash.rb
+++ b/actionpack/lib/action_dispatch/middleware/flash.rb
@@ -274,7 +274,7 @@ module ActionDispatch
       req = ActionDispatch::Request.new env
       @app.call(env)
     ensure
-      session    = Request::Session.find(env) || {}
+      session    = Request::Session.find(req) || {}
       flash_hash = req.flash_hash
 
       if flash_hash && (flash_hash.present? || session.key?('flash'))
diff --git a/actionpack/lib/action_dispatch/middleware/session/abstract_store.rb b/actionpack/lib/action_dispatch/middleware/session/abstract_store.rb
index 84df55fd5a..b924df789f 100644
--- a/actionpack/lib/action_dispatch/middleware/session/abstract_store.rb
+++ b/actionpack/lib/action_dispatch/middleware/session/abstract_store.rb
@@ -36,6 +36,11 @@ module ActionDispatch
         @default_options.delete(:sidbits)
         @default_options.delete(:secure_random)
       end
+
+      private
+      def make_request(env)
+        ActionDispatch::Request.new env
+      end
     end
 
     module StaleSessionCheck
@@ -65,8 +70,8 @@ module ActionDispatch
     end
 
     module SessionObject # :nodoc:
-      def prepare_session(env)
-        Request::Session.create(self, env, @default_options)
+      def prepare_session(req)
+        Request::Session.create(self, req, @default_options)
       end
 
       def loaded_session?(session)
@@ -81,8 +86,7 @@ module ActionDispatch
 
       private
 
-      def set_cookie(env, session_id, cookie)
-        request = ActionDispatch::Request.new(env)
+      def set_cookie(request, session_id, cookie)
         request.cookie_jar[key] = cookie
       end
     end
diff --git a/actionpack/lib/action_dispatch/middleware/session/cookie_store.rb b/actionpack/lib/action_dispatch/middleware/session/cookie_store.rb
index d8f9614904..e225f356df 100644
--- a/actionpack/lib/action_dispatch/middleware/session/cookie_store.rb
+++ b/actionpack/lib/action_dispatch/middleware/session/cookie_store.rb
@@ -71,16 +71,16 @@ module ActionDispatch
         super(app, options.merge!(:cookie_only => true))
       end
 
-      def destroy_session(env, session_id, options)
+      def destroy_session(req, session_id, options)
         new_sid = generate_sid unless options[:drop]
         # Reset hash and Assign the new session id
-        env["action_dispatch.request.unsigned_session_cookie"] = new_sid ? { "session_id" => new_sid } : {}
+        req.set_header("action_dispatch.request.unsigned_session_cookie", new_sid ? { "session_id" => new_sid } : {})
         new_sid
       end
 
-      def load_session(env)
+      def load_session(req)
         stale_session_check! do
-          data = unpacked_cookie_data(env)
+          data = unpacked_cookie_data(req)
           data = persistent_session_id!(data)
           [data["session_id"], data]
         end
@@ -88,20 +88,21 @@ module ActionDispatch
 
       private
 
-      def extract_session_id(env)
+      def extract_session_id(req)
         stale_session_check! do
-          unpacked_cookie_data(env)["session_id"]
+          unpacked_cookie_data(req)["session_id"]
         end
       end
 
-      def unpacked_cookie_data(env)
-        env["action_dispatch.request.unsigned_session_cookie"] ||= begin
-          stale_session_check! do
-            if data = get_cookie(env)
+      def unpacked_cookie_data(req)
+        req.get_header("action_dispatch.request.unsigned_session_cookie") do |k|
+          v = stale_session_check! do
+            if data = get_cookie(req)
               data.stringify_keys!
             end
             data || {}
           end
+          req.set_header k, v
         end
       end
 
@@ -111,21 +112,20 @@ module ActionDispatch
         data
       end
 
-      def set_session(env, sid, session_data, options)
+      def set_session(req, sid, session_data, options)
         session_data["session_id"] = sid
         session_data
       end
 
-      def set_cookie(env, session_id, cookie)
-        cookie_jar(env)[@key] = cookie
+      def set_cookie(request, session_id, cookie)
+        cookie_jar(request)[@key] = cookie
       end
 
-      def get_cookie(env)
-        cookie_jar(env)[@key]
+      def get_cookie(req)
+        cookie_jar(req)[@key]
       end
 
-      def cookie_jar(env)
-        request = ActionDispatch::Request.new(env)
+      def cookie_jar(request)
         request.cookie_jar.signed_or_encrypted
       end
     end