aboutsummaryrefslogtreecommitdiffstats
path: root/actionpack/lib/action_dispatch/middleware/session
Commit message (Collapse)AuthorAgeFilesLines
...
* use hash fetches to populate the :id valueAaron Patterson2012-05-021-12/+7
|
* imported options, switched to object compositionAaron Patterson2012-05-021-13/+56
|
* * move exception message to exception constructorAaron Patterson2012-05-021-5/+11
| | | | | * save original exception * keep original backtrace
* Support cookie jar options for all cookie storesbrainopia2012-04-301-0/+7
|
* Return the same session data object when setting session idCarlos Antonio da Silva2012-03-261-1/+2
|
* remove unnecessary memcache equire in ActionDispatch::Session::CacheStoreBrian Durand2012-02-281-1/+0
|
* remove checks for encodings availabilitySergey Nartimov2011-12-251-1/+1
|
* Get rid of the close checks since we cannot reliably close the session anyway.José Valim2011-12-161-4/+0
|
* Add ActionDispatch::Session::CacheStore as a generic way of storing sessions ↵Brian Durand2011-10-211-0/+50
| | | | in a cache.
* Split long string into multiple shorter ones Daniel Schierbeck2011-08-291-1/+4
| | | This makes the code more readable.
* removed deprecated methods, and related tests, from ActionPackJosh Kalderimis2011-05-241-7/+1
|
* Replace references to ActiveSupport::SecureRandom with just SecureRandom, ↵Jon Leighton2011-05-231-1/+1
| | | | and require 'securerandom' from the stdlib when active support is required.
* Fix renew feature on cookies.José Valim2011-05-041-1/+1
|
* generated session ids should be encoded as UTF-8Aaron Patterson2011-04-141-1/+3
|
* Initialize sid should just skip instance variables.José Valim2010-10-041-0/+7
|
* Rely on Rack::Session stores API for more compatibility across the Ruby world.José Valim2010-10-033-321/+76
|
* no need to check for nil?Neeraj Singh2010-09-301-1/+1
|
* Remove more warnings on AP.Emilio Tagua2010-09-281-2/+2
|
* Only send secure cookies over SSL.W. Andrew Loe III2010-09-131-1/+4
|
* Revert "Avoid uneeded queries in session stores if sid is not given."José Valim2010-07-292-5/+3
| | | | | | First step to merge Rails and Rack session stores. Rack always expects to receive the SID since it may have different behavior if the SID is nil. This reverts commit e210895ba95e498b9debbf43a3e5ae588bca81f0.
* Set session options id to nil is respected and cancels lazy loading.José Valim2010-07-181-2/+2
|
* Avoid uneeded queries in session stores if sid is not given.José Valim2010-07-182-3/+5
|
* Fixed many references to the old config/environment.rb and Rails::InitializerBenjamin Quorning2010-07-131-1/+1
|
* porting session.clear fix to master branch. [#5030 state:resolved]Aaron Patterson2010-07-011-0/+5
| | | | Signed-off-by: Jeremy Kemper <jeremy@bitsweat.net>
* Fixed that an ArgumentError is thrown when request.session_options[:id] is ↵Michael Lovitt2010-06-272-36/+38
| | | | | | | | read in the following scenario: when the cookie store is used, and the session contains a serialized object of an unloaded class, and no session data accesses have occurred yet. Pushed the stale_session_check responsibility out of the SessionHash and down into the session store, closer to where the deserialization actually occurs. Added some test coverage for this case and others related to deserialization of unloaded types. [#4938] Signed-off-by: José Valim <jose.valim@gmail.com>
* Do not mark the session as loaded if an error happened while doing it.José Valim2010-06-251-2/+1
|
* Calling exists? in the session store, without checking for stale sessions, ↵José Valim2010-06-252-10/+10
| | | | was causing the cookie store to panic because we need to unpack the whole session to get its key. This commit fixes this issue and also caches exists calls for performance improvements.
* Make sure that Rails doesn't resent session_id cookie over and over again if ↵Prem Sichanugrist2010-06-251-1/+3
| | | | | | | | it's already there [#2485 state:resolved] This apply to only Active Record store and Memcached store, as they both store only the session_id, which will be unchanged, in the cookie. Signed-off-by: José Valim <jose.valim@gmail.com>
* Avoid deserializing cookies too early, which causes session objects to not ↵José Valim2010-06-242-18/+22
| | | | be available yet. Unfortunately, could not reproduce this in a test case.
* Sessions should not be created until written to and session data should be ↵Michael Lovitt2010-06-233-29/+115
| | | | | | | | destroyed on reset. [#4938] Signed-off-by: Jeremy Kemper <jeremy@bitsweat.net>
* Took out the domain option logic to cookies.rb.Rizwan Reza2010-06-112-20/+0
|
* Moved Domain regexp to a constant and added comments.Rizwan Reza2010-06-111-1/+8
|
* The previous commit didn't work with complex domains, which is now fixed.Rizwan Reza2010-06-111-4/+4
|
* Add support for multi-subdomain session by setting cookie host in session ↵Rizwan Reza2010-06-112-1/+14
| | | | | | cookie so you can share session between www.example.com, example.com and user.example.com. [#4818 state:resolved] This reverts commit 330a89072a493aafef1e07c3558964477f85adf0.
* Stop the flash middleware from forcibly loading sessions even if the user ↵wycats2010-06-041-4/+4
| | | | doesn't use sessions at all
* Cut the fat and make session stores rely on request.cookie_jar and change ↵José Valim2010-05-183-130/+55
| | | | set_session semantics to return the cookie value instead of a boolean.
* Remove deprecated methods since 2-3-stable.José Valim2010-05-181-34/+6
|
* Simplify cookie_store by simply relying on cookies.signed.José Valim2010-05-181-93/+14
|
* corrected error message in session/cookie_store [#4546 state:resolved]Josh Kalderimis2010-05-101-1/+1
| | | | Signed-off-by: José Valim <jose.valim@gmail.com>
* Rename config.cookie_secret to config.secret_token and pass it as ↵José Valim2010-04-051-1/+1
| | | | configuration in request.env. This is another step forward removing global configuration.
* adds missing requires for Object#blank? and Object#present?Xavier Noria2010-03-282-0/+2
|
* Make many parts of Rails lazy. In order to facilitate this,wycats2010-03-071-1/+0
| | | | | | | | | | | | add lazy_load_hooks.rb, which allows us to declare code that should be run at some later time. For instance, this allows us to defer requiring ActiveRecord::Base at boot time purely to apply configuration. Instead, we register a hook that should apply configuration once ActiveRecord::Base is loaded. With these changes, brings down total boot time of a new app to 300ms in production and 400ms in dev. TODO: rename base_hook
* Deprecated ActionController::Base.session_options= and ↵Carlhuda2010-03-041-7/+5
| | | | ActionController::Base.session_store= in favor of a config.session_store method (which takes params) and a config.cookie_secret variable, which is used in various secret scenarios. The old AC::Base options will continue to work with deprecation warnings.
* Fix const reference for SessionRestoreErrorJoshua Peek2010-01-151-1/+1
|
* fixed missing or incorrect session data error messageStefan Penner2010-01-021-1/+1
|
* All AD modules are "deferrable"Joshua Peek2009-12-222-4/+6
|
* SessionRestoreError belongs in ADJoshua Peek2009-09-231-3/+6
|
* Lazy require memcache for session middlewareJoshua Peek2009-09-131-40/+35
|
* CookieStore should not be derived from Hash - reverting [#2268 state:resolved]Jay Pignata2009-09-031-1/+1
| | | | Signed-off-by: Joshua Peek <josh@joshpeek.com>
* If session_options[:id] is requested when using CookieStore, unmarshal the ↵Jay Pignata2009-09-031-3/+14
| | | | | | session to access it [#2268 state:resolved] Signed-off-by: Joshua Peek <josh@joshpeek.com>