From e311622e7b20b3fdeab6a93418c8a45c6e7137b6 Mon Sep 17 00:00:00 2001 From: Carlhuda Date: Thu, 4 Mar 2010 15:06:25 -0800 Subject: Deprecated ActionController::Base.session_options= and ActionController::Base.session_store= in favor of a config.session_store method (which takes params) and a config.cookie_secret variable, which is used in various secret scenarios. The old AC::Base options will continue to work with deprecation warnings. --- actionpack/lib/action_controller/deprecated/base.rb | 17 +++++++++++++++-- 1 file changed, 15 insertions(+), 2 deletions(-) (limited to 'actionpack/lib/action_controller/deprecated') diff --git a/actionpack/lib/action_controller/deprecated/base.rb b/actionpack/lib/action_controller/deprecated/base.rb index 7aa2a34d37..34f8f4a822 100644 --- a/actionpack/lib/action_controller/deprecated/base.rb +++ b/actionpack/lib/action_controller/deprecated/base.rb @@ -78,10 +78,23 @@ module ActionController Rails.application.config.action_dispatch.ip_spoofing_check = value end + def session(*args) + ActiveSupport::Deprecation.warn( + "Disabling sessions for a single controller has been deprecated. " + + "Sessions are now lazy loaded. So if you don't access them, " + + "consider them off. You can still modify the session cookie " + + "options with request.session_options.", caller) + end + def session=(value) ActiveSupport::Deprecation.warn "ActionController::Base.session= is deprecated. " << - "Please configure it on your application with config.action_dispatch.session=", caller - Rails.application.config.action_dispatch.session = value.delete(:disabled) ? nil : value + "Please configure it on your application with config.session_store :cookie_store, :key => '....'", caller + if value.delete(:disabled) + Rails.application.config.session_store :disabled + else + store = Rails.application.config.session_store + Rails.application.config.session_store store, value + end end # Controls the resource action separator -- cgit v1.2.3