Conditionally inject session middleware instead of using session management
This commit is contained in:
parent
2eb2ec9e63
commit
2e22c7fda0
@ -44,9 +44,22 @@ def to_prepare(identifier = nil, &block)
|
|||||||
|
|
||||||
cattr_accessor :middleware
|
cattr_accessor :middleware
|
||||||
self.middleware = MiddlewareStack.new do |middleware|
|
self.middleware = MiddlewareStack.new do |middleware|
|
||||||
middleware.use "ActionController::Lock", :if => lambda { !ActionController::Base.allow_concurrency }
|
middleware.use "ActionController::Lock", :if => lambda {
|
||||||
|
!ActionController::Base.allow_concurrency
|
||||||
|
}
|
||||||
middleware.use "ActionController::Failsafe"
|
middleware.use "ActionController::Failsafe"
|
||||||
middleware.use "ActionController::SessionManagement::Middleware"
|
|
||||||
|
["ActionController::Session::CookieStore",
|
||||||
|
"ActionController::Session::MemCacheStore",
|
||||||
|
"ActiveRecord::SessionStore"].each do |store|
|
||||||
|
middleware.use(store, ActionController::Base.session_options,
|
||||||
|
:if => lambda {
|
||||||
|
if session_store = ActionController::Base.session_store
|
||||||
|
session_store.name == store
|
||||||
|
end
|
||||||
|
}
|
||||||
|
)
|
||||||
|
end
|
||||||
end
|
end
|
||||||
|
|
||||||
include ActiveSupport::Callbacks
|
include ActiveSupport::Callbacks
|
||||||
|
@ -1,14 +1,10 @@
|
|||||||
module ActionController
|
module ActionController
|
||||||
class MiddlewareStack < Array
|
class MiddlewareStack < Array
|
||||||
class Middleware
|
class Middleware
|
||||||
attr_reader :klass, :args, :block
|
attr_reader :args, :block
|
||||||
|
|
||||||
def initialize(klass, *args, &block)
|
def initialize(klass, *args, &block)
|
||||||
if klass.is_a?(Class)
|
@klass = klass
|
||||||
@klass = klass
|
|
||||||
else
|
|
||||||
@klass = klass.to_s.constantize
|
|
||||||
end
|
|
||||||
|
|
||||||
options = args.extract_options!
|
options = args.extract_options!
|
||||||
if options.has_key?(:if)
|
if options.has_key?(:if)
|
||||||
@ -22,6 +18,14 @@ def initialize(klass, *args, &block)
|
|||||||
@block = block
|
@block = block
|
||||||
end
|
end
|
||||||
|
|
||||||
|
def klass
|
||||||
|
if @klass.is_a?(Class)
|
||||||
|
@klass
|
||||||
|
else
|
||||||
|
@klass.to_s.constantize
|
||||||
|
end
|
||||||
|
end
|
||||||
|
|
||||||
def active?
|
def active?
|
||||||
if @conditional.respond_to?(:call)
|
if @conditional.respond_to?(:call)
|
||||||
@conditional.call
|
@conditional.call
|
||||||
|
@ -60,7 +60,7 @@ def load!
|
|||||||
end
|
end
|
||||||
|
|
||||||
DEFAULT_OPTIONS = {
|
DEFAULT_OPTIONS = {
|
||||||
:key => 'rack.session',
|
:key => '_session_id',
|
||||||
:path => '/',
|
:path => '/',
|
||||||
:domain => nil,
|
:domain => nil,
|
||||||
:expire_after => nil,
|
:expire_after => nil,
|
||||||
@ -70,6 +70,18 @@ def load!
|
|||||||
}
|
}
|
||||||
|
|
||||||
def initialize(app, options = {})
|
def initialize(app, options = {})
|
||||||
|
# Process legacy CGI options
|
||||||
|
options = options.symbolize_keys
|
||||||
|
if options.has_key?(:session_path)
|
||||||
|
options[:path] = options.delete(:session_path)
|
||||||
|
end
|
||||||
|
if options.has_key?(:session_key)
|
||||||
|
options[:key] = options.delete(:session_key)
|
||||||
|
end
|
||||||
|
if options.has_key?(:session_http_only)
|
||||||
|
options[:httponly] = options.delete(:session_http_only)
|
||||||
|
end
|
||||||
|
|
||||||
@app = app
|
@app = app
|
||||||
@default_options = DEFAULT_OPTIONS.merge(options)
|
@default_options = DEFAULT_OPTIONS.merge(options)
|
||||||
@key = @default_options[:key]
|
@key = @default_options[:key]
|
||||||
|
@ -41,9 +41,11 @@ class CookieStore
|
|||||||
SECRET_MIN_LENGTH = 30 # characters
|
SECRET_MIN_LENGTH = 30 # characters
|
||||||
|
|
||||||
DEFAULT_OPTIONS = {
|
DEFAULT_OPTIONS = {
|
||||||
:domain => nil,
|
:key => '_session_id',
|
||||||
:path => "/",
|
:domain => nil,
|
||||||
:expire_after => nil
|
:path => "/",
|
||||||
|
:expire_after => nil,
|
||||||
|
:httponly => false
|
||||||
}.freeze
|
}.freeze
|
||||||
|
|
||||||
ENV_SESSION_KEY = "rack.session".freeze
|
ENV_SESSION_KEY = "rack.session".freeze
|
||||||
@ -56,6 +58,18 @@ class CookieOverflow < StandardError; end
|
|||||||
def initialize(app, options = {})
|
def initialize(app, options = {})
|
||||||
options = options.dup
|
options = options.dup
|
||||||
|
|
||||||
|
# Process legacy CGI options
|
||||||
|
options = options.symbolize_keys
|
||||||
|
if options.has_key?(:session_path)
|
||||||
|
options[:path] = options.delete(:session_path)
|
||||||
|
end
|
||||||
|
if options.has_key?(:session_key)
|
||||||
|
options[:key] = options.delete(:session_key)
|
||||||
|
end
|
||||||
|
if options.has_key?(:session_http_only)
|
||||||
|
options[:httponly] = options.delete(:session_http_only)
|
||||||
|
end
|
||||||
|
|
||||||
@app = app
|
@app = app
|
||||||
|
|
||||||
# The session_key option is required.
|
# The session_key option is required.
|
||||||
|
@ -6,35 +6,6 @@ def self.included(base)
|
|||||||
end
|
end
|
||||||
end
|
end
|
||||||
|
|
||||||
class Middleware
|
|
||||||
DEFAULT_OPTIONS = {
|
|
||||||
:path => "/",
|
|
||||||
:key => "_session_id",
|
|
||||||
:httponly => true,
|
|
||||||
}.freeze
|
|
||||||
|
|
||||||
def self.new(app)
|
|
||||||
cgi_options = ActionController::Base.session_options
|
|
||||||
options = cgi_options.symbolize_keys
|
|
||||||
options = DEFAULT_OPTIONS.merge(options)
|
|
||||||
if options.has_key?(:session_path)
|
|
||||||
options[:path] = options.delete(:session_path)
|
|
||||||
end
|
|
||||||
if options.has_key?(:session_key)
|
|
||||||
options[:key] = options.delete(:session_key)
|
|
||||||
end
|
|
||||||
if options.has_key?(:session_http_only)
|
|
||||||
options[:httponly] = options.delete(:session_http_only)
|
|
||||||
end
|
|
||||||
|
|
||||||
if store = ActionController::Base.session_store
|
|
||||||
store.new(app, options)
|
|
||||||
else # Sessions disabled
|
|
||||||
lambda { |env| app.call(env) }
|
|
||||||
end
|
|
||||||
end
|
|
||||||
end
|
|
||||||
|
|
||||||
module ClassMethods
|
module ClassMethods
|
||||||
# Set the session store to be used for keeping the session data between requests.
|
# Set the session store to be used for keeping the session data between requests.
|
||||||
# By default, sessions are stored in browser cookies (<tt>:cookie_store</tt>),
|
# By default, sessions are stored in browser cookies (<tt>:cookie_store</tt>),
|
||||||
|
Loading…
Reference in New Issue
Block a user