Module: Authlogic::Session::Cookies::Config
- Defined in:
- lib/authlogic/session/cookies.rb
Overview
Configuration for the cookie feature set.
Instance Method Summary collapse
-
#cookie_key(value = nil) ⇒ Object
(also: #cookie_key=)
The name of the cookie or the key in the cookies hash.
-
#httponly(value = nil) ⇒ Object
(also: #httponly=)
Should the cookie be set as httponly? If true, the cookie will not be accessible from javascript.
-
#remember_me(value = nil) ⇒ Object
(also: #remember_me=)
If sessions should be remembered by default or not.
-
#remember_me_for(value = nil) ⇒ Object
(also: #remember_me_for=)
The length of time until the cookie expires.
-
#same_site(value = nil) ⇒ Object
(also: #same_site=)
Should the cookie be prevented from being send along with cross-site requests?.
-
#secure(value = nil) ⇒ Object
(also: #secure=)
Should the cookie be set as secure? If true, the cookie will only be sent over SSL connections.
-
#sign_cookie(value = nil) ⇒ Object
(also: #sign_cookie=)
Should the cookie be signed? If the controller adapter supports it, this is a measure against cookie tampering.
Instance Method Details
#cookie_key(value = nil) ⇒ Object Also known as:
The name of the cookie or the key in the cookies hash. Be sure and use a unique name. If you have multiple sessions and they use the same cookie it will cause problems. Also, if a id is set it will be inserted into the beginning of the string. Example:
session = UserSession.new
session. => "user_credentials"
session = UserSession.new(:super_high_secret)
session. => "super_high_secret_user_credentials"
-
Default:
“#Authlogic::Session::Cookies::Config.klass_nameklass_name.underscore_credentials” -
Accepts:
String
33 34 35 |
# File 'lib/authlogic/session/cookies.rb', line 33 def (value = nil) rw_config(:cookie_key, value, "#{klass_name.underscore}_credentials") end |
#httponly(value = nil) ⇒ Object Also known as: httponly=
Should the cookie be set as httponly? If true, the cookie will not be accessible from javascript
-
Default:
true -
Accepts:
Boolean
71 72 73 |
# File 'lib/authlogic/session/cookies.rb', line 71 def httponly(value = nil) rw_config(:httponly, value, true) end |
#remember_me(value = nil) ⇒ Object Also known as: remember_me=
If sessions should be remembered by default or not.
-
Default:
false -
Accepts:
Boolean
42 43 44 |
# File 'lib/authlogic/session/cookies.rb', line 42 def remember_me(value = nil) rw_config(:remember_me, value, false) end |
#remember_me_for(value = nil) ⇒ Object Also known as: remember_me_for=
The length of time until the cookie expires.
-
Default:
3.months -
Accepts:
Integer, length of time in seconds, such as 60 or 3.months
51 52 53 |
# File 'lib/authlogic/session/cookies.rb', line 51 def remember_me_for(value = nil) rw_config(:remember_me_for, value, 3.months) end |
#same_site(value = nil) ⇒ Object Also known as: same_site=
Should the cookie be prevented from being send along with cross-site requests?
-
Default:
nil -
Accepts:
String, one of nil, ‘Lax’ or ‘Strict’
81 82 83 84 85 86 87 |
# File 'lib/authlogic/session/cookies.rb', line 81 def same_site(value = nil) unless VALID_SAME_SITE_VALUES.include?(value) msg = "Invalid same_site value: #{value}. Valid: #{VALID_SAME_SITE_VALUES.inspect}" raise ArgumentError.new(msg) end rw_config(:same_site, value) end |
#secure(value = nil) ⇒ Object Also known as: secure=
Should the cookie be set as secure? If true, the cookie will only be sent over SSL connections
-
Default:
true -
Accepts:
Boolean
61 62 63 |
# File 'lib/authlogic/session/cookies.rb', line 61 def secure(value = nil) rw_config(:secure, value, true) end |
#sign_cookie(value = nil) ⇒ Object Also known as:
Should the cookie be signed? If the controller adapter supports it, this is a measure against cookie tampering.
92 93 94 95 96 97 |
# File 'lib/authlogic/session/cookies.rb', line 92 def (value = nil) if value && !controller..respond_to?(:signed) raise "Signed cookies not supported with #{controller.class}!" end rw_config(:sign_cookie, value, false) end |