diff options
5 files changed, 55 insertions, 41 deletions
diff --git a/actionpack/lib/action_controller/dispatcher.rb b/actionpack/lib/action_controller/dispatcher.rb index aa00eecea7..f0897d98b2 100644 --- a/actionpack/lib/action_controller/dispatcher.rb +++ b/actionpack/lib/action_controller/dispatcher.rb @@ -44,9 +44,22 @@ module ActionController cattr_accessor :middleware self.middleware = MiddlewareStack.new do |middleware| - middleware.use "ActionController::Lock", :if => lambda { !ActionController::Base.allow_concurrency } + middleware.use "ActionController::Lock", :if => lambda { + !ActionController::Base.allow_concurrency + } middleware.use "ActionController::Failsafe" - middleware.use "ActionController::SessionManagement::Middleware" + + ["ActionController::Session::CookieStore", + "ActionController::Session::MemCacheStore", + "ActiveRecord::SessionStore"].each do |store| + middleware.use(store, ActionController::Base.session_options, + :if => lambda { + if session_store = ActionController::Base.session_store + session_store.name == store + end + } + ) + end end include ActiveSupport::Callbacks diff --git a/actionpack/lib/action_controller/middleware_stack.rb b/actionpack/lib/action_controller/middleware_stack.rb index ba99f77b81..74f28565c0 100644 --- a/actionpack/lib/action_controller/middleware_stack.rb +++ b/actionpack/lib/action_controller/middleware_stack.rb @@ -1,14 +1,10 @@ module ActionController class MiddlewareStack < Array class Middleware - attr_reader :klass, :args, :block + attr_reader :args, :block def initialize(klass, *args, &block) - if klass.is_a?(Class) - @klass = klass - else - @klass = klass.to_s.constantize - end + @klass = klass options = args.extract_options! if options.has_key?(:if) @@ -22,6 +18,14 @@ module ActionController @block = block end + def klass + if @klass.is_a?(Class) + @klass + else + @klass.to_s.constantize + end + end + def active? if @conditional.respond_to?(:call) @conditional.call diff --git a/actionpack/lib/action_controller/session/abstract_store.rb b/actionpack/lib/action_controller/session/abstract_store.rb index 7874ee5a28..2218152c2c 100644 --- a/actionpack/lib/action_controller/session/abstract_store.rb +++ b/actionpack/lib/action_controller/session/abstract_store.rb @@ -60,7 +60,7 @@ module ActionController end DEFAULT_OPTIONS = { - :key => 'rack.session', + :key => '_session_id', :path => '/', :domain => nil, :expire_after => nil, @@ -70,6 +70,18 @@ module ActionController } def initialize(app, options = {}) + # Process legacy CGI options + options = options.symbolize_keys + if options.has_key?(:session_path) + options[:path] = options.delete(:session_path) + end + if options.has_key?(:session_key) + options[:key] = options.delete(:session_key) + end + if options.has_key?(:session_http_only) + options[:httponly] = options.delete(:session_http_only) + end + @app = app @default_options = DEFAULT_OPTIONS.merge(options) @key = @default_options[:key] diff --git a/actionpack/lib/action_controller/session/cookie_store.rb b/actionpack/lib/action_controller/session/cookie_store.rb index ce3cf354fd..158c940cc2 100644 --- a/actionpack/lib/action_controller/session/cookie_store.rb +++ b/actionpack/lib/action_controller/session/cookie_store.rb @@ -41,9 +41,11 @@ module ActionController SECRET_MIN_LENGTH = 30 # characters DEFAULT_OPTIONS = { - :domain => nil, - :path => "/", - :expire_after => nil + :key => '_session_id', + :domain => nil, + :path => "/", + :expire_after => nil, + :httponly => false }.freeze ENV_SESSION_KEY = "rack.session".freeze @@ -56,6 +58,18 @@ module ActionController def initialize(app, options = {}) options = options.dup + # Process legacy CGI options + options = options.symbolize_keys + if options.has_key?(:session_path) + options[:path] = options.delete(:session_path) + end + if options.has_key?(:session_key) + options[:key] = options.delete(:session_key) + end + if options.has_key?(:session_http_only) + options[:httponly] = options.delete(:session_http_only) + end + @app = app # The session_key option is required. diff --git a/actionpack/lib/action_controller/session_management.rb b/actionpack/lib/action_controller/session_management.rb index a9989d8198..f06a0da75c 100644 --- a/actionpack/lib/action_controller/session_management.rb +++ b/actionpack/lib/action_controller/session_management.rb @@ -6,35 +6,6 @@ module ActionController #:nodoc: end end - class Middleware - DEFAULT_OPTIONS = { - :path => "/", - :key => "_session_id", - :httponly => true, - }.freeze - - def self.new(app) - cgi_options = ActionController::Base.session_options - options = cgi_options.symbolize_keys - options = DEFAULT_OPTIONS.merge(options) - if options.has_key?(:session_path) - options[:path] = options.delete(:session_path) - end - if options.has_key?(:session_key) - options[:key] = options.delete(:session_key) - end - if options.has_key?(:session_http_only) - options[:httponly] = options.delete(:session_http_only) - end - - if store = ActionController::Base.session_store - store.new(app, options) - else # Sessions disabled - lambda { |env| app.call(env) } - end - end - end - module ClassMethods # Set the session store to be used for keeping the session data between requests. # By default, sessions are stored in browser cookies (<tt>:cookie_store</tt>), |