Module: Merb::SessionMixin::RequestMixin

Defined in:

lib/merb-core/dispatch/session.rb

Defined Under Namespace

Modules: ClassMethods

Class Method Summary

• .included(base) ⇒ Object

  Adds class methods to Merb::Request object.

Instance Method Summary

• #default_cookies ⇒ Object private

  Assign default cookie values.

• #default_session_store ⇒ Object private

  The default session store type.

• #destroy_session_cookie ⇒ Object private

  Destroy the session cookie.

• #finalize_session ⇒ Object (also: #finalize_sessions) private

  Teardown and/or persist the current sessions.

• #session(session_store = nil) ⇒ Object

  Returns session container.

• #session=(new_session) ⇒ Object private

  Parameters new_session<Merb::SessionContainer>:: A session store instance.

• #session?(session_store = nil) ⇒ Boolean private

  Whether a session has been setup.

• #session_cookie_value ⇒ Object (also: #session_id) private

  Returns String:: The value of the session cookie; either the session id or the actual encoded data.

• #session_stores ⇒ Object private

  Returns Hash:: All active session stores by type.

• #set_session_cookie_value(value, options = {}) ⇒ Object (also: #set_session_id_cookie) private

  Sets session cookie value.

Class Method Details

.included(base) ⇒ Object

Adds class methods to Merb::Request object. Sets up repository of session store types. Sets the session ID key and expiry values.

# File 'lib/merb-core/dispatch/session.rb', line 109

def self.included(base)
  base.extend ClassMethods
  
  # Keep track of all known session store types.
  base.cattr_accessor :registered_session_types
  base.registered_session_types = Dictionary.new
  base.class_inheritable_accessor :_session_id_key, :_session_secret_key,
                                  :_session_expiry
  
  base._session_id_key        = Merb::Config[:session_id_key] || '_session_id'
  base._session_expiry        = Merb::Config[:session_expiry] || 0
  base._session_secret_key    = Merb::Config[:session_secret_key]
end

Instance Method Details

#default_cookies ⇒ Object

This method is part of a private API. You should avoid using this method if possible, as it may be removed or be changed in the future.

Assign default cookie values

# File 'lib/merb-core/dispatch/session.rb', line 225

def default_cookies
  defaults = {}
  if route && route.allow_fixation? && params.key?(_session_id_key)
    Merb.logger.info("Fixated session id: #{_session_id_key}")
    defaults[_session_id_key] = params[_session_id_key]
  end
  defaults
end

#default_session_store ⇒ Object

This method is part of a private API. You should avoid using this method if possible, as it may be removed or be changed in the future.

The default session store type.

# File 'lib/merb-core/dispatch/session.rb', line 142

def default_session_store
  Merb::Config[:session_store] && Merb::Config[:session_store].to_sym
end

#destroy_session_cookie ⇒ Object

This method is part of a private API. You should avoid using this method if possible, as it may be removed or be changed in the future.

Destroy the session cookie.

# File 'lib/merb-core/dispatch/session.rb', line 260

def destroy_session_cookie
  cookies.delete(_session_id_key)
end

#finalize_session ⇒ Object Also known as: finalize_sessions

This method is part of a private API. You should avoid using this method if possible, as it may be removed or be changed in the future.

Teardown and/or persist the current sessions.

# File 'lib/merb-core/dispatch/session.rb', line 217

def finalize_session
  session_stores.each { |name, store| store.finalize(self) }
end

#session(session_store = nil) ⇒ Object

Returns session container. Merb is able to handle multiple session stores, hence a parameter to pick it.

Parameters

session_store<String>

The type of session store to access,

defaults to default_session_store.

Notes

If no suitable session store type is given, it defaults to cookie-based sessions.

Returns

SessionContainer

an instance of a session store extending Merb::SessionContainer.

# File 'lib/merb-core/dispatch/session.rb', line 170

def session(session_store = nil)
  session_store ||= default_session_store
  if class_name = self.class.registered_session_types[session_store]
    session_stores[session_store] ||= Object.full_const_get(class_name).setup(self)
  elsif fallback = self.class.registered_session_types.keys.first
    Merb.logger.warn "Session store '#{session_store}' not found. Check your configuration in init file."
    Merb.logger.warn "Falling back to #{fallback} session store."
    session(fallback)
  else
    msg = "No session store set. Set it in init file like this: c[:session_store] = 'activerecord'"
    Merb.logger.error!(msg)
    raise NoSessionContainer, msg            
  end
end

#session=(new_session) ⇒ Object

This method is part of a private API. You should avoid using this method if possible, as it may be removed or be changed in the future.

Parameters

new_session<Merb::SessionContainer>

A session store instance.

Notes

The session is assigned internally by its session_store_type key.

# File 'lib/merb-core/dispatch/session.rb', line 192

def session=(new_session)
  if self.session?(new_session.class.session_store_type)
    original_session_id = self.session(new_session.class.session_store_type).session_id
    if new_session.session_id != original_session_id
      set_session_id_cookie(new_session.session_id)
    end
  end
  session_stores[new_session.class.session_store_type] = new_session
end

#session?(session_store = nil) ⇒ Boolean

This method is part of a private API. You should avoid using this method if possible, as it may be removed or be changed in the future.

Whether a session has been setup

Returns

Boolean

true if the session is part of the session stores configured.

Returns:

• (Boolean)

# File 'lib/merb-core/dispatch/session.rb', line 208

def session?(session_store = nil)
  (session_store ? [session_store] : session_stores).any? do |type, store|
    store.is_a?(Merb::SessionContainer)
  end
end

#session_cookie_value ⇒ Object Also known as: session_id

This method is part of a private API. You should avoid using this method if possible, as it may be removed or be changed in the future.

Returns

String

The value of the session cookie; either the session id or the actual encoded data.

# File 'lib/merb-core/dispatch/session.rb', line 252

def session_cookie_value
  cookies[_session_id_key]
end

#session_stores ⇒ Object

This method is part of a private API. You should avoid using this method if possible, as it may be removed or be changed in the future.

Returns

Hash

All active session stores by type.

# File 'lib/merb-core/dispatch/session.rb', line 150

def session_stores
  @session_stores ||= {}
end

#set_session_cookie_value(value, options = {}) ⇒ Object Also known as: set_session_id_cookie

This method is part of a private API. You should avoid using this method if possible, as it may be removed or be changed in the future.

Sets session cookie value.

Parameters

value<String>

The value of the session cookie; either the session id or the actual encoded data.

options<Hash>

Cookie options like domain, path and expired.

# File 'lib/merb-core/dispatch/session.rb', line 241

def set_session_cookie_value(value, options = {})
  defaults = {}
  defaults[:expires] = Time.now + _session_expiry if _session_expiry > 0
  cookies.set_cookie(_session_id_key, value, defaults.merge(options))
end