Module: ActionController::SessionManagement::ClassMethods

Defined in:
lib/action_controller/session_management.rb

Instance Method Summary collapse

Instance Method Details

#cached_session_optionsObject

:nodoc:


80
81
82
# File 'lib/action_controller/session_management.rb', line 80

def cached_session_options #:nodoc:
  @session_options ||= read_inheritable_attribute("session_options") || []
end

#session(*args) ⇒ Object

Specify how sessions ought to be managed for a subset of the actions on the controller. Like filters, you can specify :only and :except clauses to restrict the subset, otherwise options apply to all actions on this controller.

The session options are inheritable, as well, so if you specify them in a parent controller, they apply to controllers that extend the parent.

Usage:

# turn off session management for all actions.
session :off

# turn off session management for all actions _except_ foo and bar.
session :off, :except => %w(foo bar)

# turn off session management for only the foo and bar actions.
session :off, :only => %w(foo bar)

# the session will only work over HTTPS, but only for the foo action
session :only => :foo, :session_secure => true

# the session will only be disabled for 'foo', and only if it is
# requested as a web service
session :off, :only => :foo,
        :if => Proc.new { |req| req.parameters[:ws] }

All session options described for ActionController::Base.process_cgi are valid arguments.


67
68
69
70
71
72
73
74
75
76
77
78
# File 'lib/action_controller/session_management.rb', line 67

def session(*args)
  options = Hash === args.last ? args.pop : {}

  options[:disabled] = true if !args.empty?
  options[:only] = [*options[:only]].map { |o| o.to_s } if options[:only]
  options[:except] = [*options[:except]].map { |o| o.to_s } if options[:except]
  if options[:only] && options[:except]
    raise ArgumentError, "only one of either :only or :except are allowed"
  end

  write_inheritable_array("session_options", [options])
end

#session_optionsObject

Returns the hash used to configure the session. Example use:

ActionController::Base.session_options[:session_secure] = true # session only available over HTTPS

34
35
36
# File 'lib/action_controller/session_management.rb', line 34

def session_options
  ActionController::CgiRequest::DEFAULT_SESSION_OPTIONS
end

#session_options_for(request, action) ⇒ Object

:nodoc:


84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
# File 'lib/action_controller/session_management.rb', line 84

def session_options_for(request, action) #:nodoc:
  if (session_options = cached_session_options).empty?
    {}
  else
    options = {}

    action = action.to_s
    session_options.each do |opts|
      next if opts[:if] && !opts[:if].call(request)
      if opts[:only] && opts[:only].include?(action)
        options.merge!(opts)
      elsif opts[:except] && !opts[:except].include?(action)
        options.merge!(opts)
      elsif !opts[:only] && !opts[:except]
        options.merge!(opts)
      end
    end
    
    if options.empty? then options
    else
      options.delete :only
      options.delete :except
      options.delete :if
      options[:disabled] ? false : options
    end
  end
end

#session_storeObject

Returns the session store class currently used.


27
28
29
# File 'lib/action_controller/session_management.rb', line 27

def session_store
  ActionController::CgiRequest::DEFAULT_SESSION_OPTIONS[:database_manager]
end

#session_store=(store) ⇒ Object

Set the session store to be used for keeping the session data between requests. The default is using the file system, but you can also specify one of the other included stores (:active_record_store, :drb_store, :mem_cache_store, or :memory_store) or use your own class.


21
22
23
24
# File 'lib/action_controller/session_management.rb', line 21

def session_store=(store)
  ActionController::CgiRequest::DEFAULT_SESSION_OPTIONS[:database_manager] =
    store.is_a?(Symbol) ? CGI::Session.const_get(store == :drb_store ? "DRbStore" : store.to_s.camelize) : store
end