diff options
author | Lukasz Sarnacki <lukesarnacki@gmail.com> | 2014-01-10 12:57:50 +0100 |
---|---|---|
committer | Lukasz Sarnacki <lukesarnacki@gmail.com> | 2014-01-29 17:05:00 +0100 |
commit | b23ffd0dac895aa3fd3afd8d9be36794941731b2 (patch) | |
tree | a287df4bfcaff9c0838d3f4062a02fd1e5134b9f /guides/source | |
parent | f142527eb30626904cb1e655a1a28801f08b8acf (diff) | |
download | rails-b23ffd0dac895aa3fd3afd8d9be36794941731b2.tar.gz rails-b23ffd0dac895aa3fd3afd8d9be36794941731b2.tar.bz2 rails-b23ffd0dac895aa3fd3afd8d9be36794941731b2.zip |
Allow session serializer key in config.session_store
MessageEncryptor has :serializer option, where any serializer object can
be passed. This commit make it possible to set this serializer from configuration
level.
There are predefined serializers (:marshal_serializer, :json_serialzier)
and custom serializer can be passed as String, Symbol (camelized and
constantized in ActionDispatch::Session namepspace) or serializer object.
Default :json_serializer was also added to generators to provide secure
defalt.
Diffstat (limited to 'guides/source')
-rw-r--r-- | guides/source/action_controller_overview.md | 22 |
1 files changed, 22 insertions, 0 deletions
diff --git a/guides/source/action_controller_overview.md b/guides/source/action_controller_overview.md index c55637eb0a..0234120b45 100644 --- a/guides/source/action_controller_overview.md +++ b/guides/source/action_controller_overview.md @@ -381,6 +381,28 @@ You can also pass a `:domain` key and specify the domain name for the cookie: YourApp::Application.config.session_store :cookie_store, key: '_your_app_session', domain: ".example.com" ``` +You can pass `:serializer` key to specify serializer for serializing session: + +```ruby +YourApp::Application.config.session_store :cookie_store, key: '_your_app_session', serializer: :json_serializer +``` + +Default serializer is `:marshal_serializer`. When Symbol or String is passed it +will look for appropriate class in `ActionDispatch::Session` namespace, so +passing `:my_custom_serializer` would load +`ActionDispatch::Session::MyCustomSerializer`. + +```ruby +YourApp::Application.config.session_store :cookie_store, key: '_your_app_session', serializer: :my_custom_serializer +``` + +It is also possible to pass serializer object with defined `load` and `dump` +public methods: + +```ruby +YourApp::Application.config.session_store :cookie_store, key: '_your_app_session', serializer: MyCustomSerializer +``` + Rails sets up (for the CookieStore) a secret key used for signing the session data. This can be changed in `config/initializers/secret_token.rb` ```ruby |