Module: Merb::SessionMixin::RequestMixin

Defined in:
lib/merb-core/dispatch/session.rb

Defined Under Namespace

Modules: ClassMethods

Class Method Summary collapse

Instance Method Summary collapse

Class Method Details

.included(base) ⇒ Object

Adds class methods to Merb::Request object. Sets up repository of session store types. Sets the session ID key and expiry values.

:api: private


125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
# File 'lib/merb-core/dispatch/session.rb', line 125

def self.included(base)
  base.extend ClassMethods
  
  # Keep track of all known session store types.
  base.cattr_accessor :registered_session_types
  base.registered_session_types = Dictionary.new
  base.class_inheritable_accessor :_session_id_key, :_session_secret_key,
                                  :_session_expiry, :_session_secure,
                                  :_session_http_only, :_default_cookie_domain
  
  base._session_id_key        = Merb::Config[:session_id_key] || '_session_id'
  base._session_expiry        = Merb::Config[:session_expiry] || 0
  base._session_secret_key    = Merb::Config[:session_secret_key]
  base._session_secure        = Merb::Config[:session_secure] || false
  base._session_http_only     = Merb::Config[:session_http_only] || false
  base._default_cookie_domain = Merb::Config[:default_cookie_domain]
end

Instance Method Details

#default_cookiesObject

Assign default cookie values

:api: private


245
246
247
248
249
250
251
252
# File 'lib/merb-core/dispatch/session.rb', line 245

def default_cookies
  defaults = {}
  if route && route.allow_fixation? && params.key?(_session_id_key)
    Merb.logger.info("Fixated session id: #{_session_id_key}")
    defaults[_session_id_key] = params[_session_id_key]
  end
  defaults
end

#default_session_storeObject

The default session store type.

:api: private


162
163
164
# File 'lib/merb-core/dispatch/session.rb', line 162

def default_session_store
  Merb::Config[:session_store] && Merb::Config[:session_store].to_sym
end

Destroy the session cookie.

:api: private


283
284
285
# File 'lib/merb-core/dispatch/session.rb', line 283

def destroy_session_cookie
  cookies.delete(_session_id_key)
end

#finalize_sessionObject Also known as: finalize_sessions

Teardown and/or persist the current sessions.

:api: private


237
238
239
# File 'lib/merb-core/dispatch/session.rb', line 237

def finalize_session
  session_stores.each { |name, store| store.finalize(self) }
end

#session(session_store = nil) ⇒ Object

Returns session container. Merb is able to handle multiple session stores, hence a parameter to pick it.

Parameters

session_store<String>

The type of session store to access,

defaults to default_session_store.

Notes

If no suitable session store type is given, it defaults to cookie-based sessions.

Returns

SessionContainer

an instance of a session store extending Merb::SessionContainer.

:api: public


190
191
192
193
194
195
196
197
198
199
200
201
202
203
# File 'lib/merb-core/dispatch/session.rb', line 190

def session(session_store = nil)
  session_store ||= default_session_store
  if class_name = self.class.registered_session_types[session_store]
    session_stores[session_store] ||= Object.full_const_get(class_name).setup(self)
  elsif fallback = self.class.registered_session_types.keys.first
    Merb.logger.warn "Session store '#{session_store}' not found. Check your configuration in init file."
    Merb.logger.warn "Falling back to #{fallback} session store."
    session(fallback)
  else
    msg = "No session store set. Set it in init file like this: c[:session_store] = 'activerecord'"
    Merb.logger.error!(msg)
    raise NoSessionContainer, msg            
  end
end

#session=(new_session) ⇒ Object

Parameters

new_session<Merb::SessionContainer>

A session store instance.

Notes

The session is assigned internally by its session_store_type key.

:api: private


212
213
214
215
216
217
218
219
220
# File 'lib/merb-core/dispatch/session.rb', line 212

def session=(new_session)
  if self.session?(new_session.class.session_store_type)
    original_session_id = self.session(new_session.class.session_store_type).session_id
    if new_session.session_id != original_session_id
      set_session_id_cookie(new_session.session_id)
    end
  end
  session_stores[new_session.class.session_store_type] = new_session
end

#session?(session_store = nil) ⇒ Boolean

Whether a session has been setup

Returns

Boolean

true if the session is part of the session stores configured.

:api: private

Returns:

  • (Boolean)

228
229
230
231
232
# File 'lib/merb-core/dispatch/session.rb', line 228

def session?(session_store = nil)
  (session_store ? [session_store] : session_stores).any? do |type, store|
    store.is_a?(Merb::SessionContainer)
  end
end

Returns

String

The value of the session cookie; either the session id or the actual encoded data.

:api: private


275
276
277
# File 'lib/merb-core/dispatch/session.rb', line 275

def session_cookie_value
  cookies[_session_id_key]
end

#session_storesObject

Returns

Hash

All active session stores by type.

:api: private


170
171
172
# File 'lib/merb-core/dispatch/session.rb', line 170

def session_stores
  @session_stores ||= {}
end

Sets session cookie value.

Parameters

value<String>

The value of the session cookie; either the session id or the actual encoded data.

options<Hash>

Cookie options like domain, path and expired.

:api: private


261
262
263
264
265
266
267
268
# File 'lib/merb-core/dispatch/session.rb', line 261

def set_session_cookie_value(value, options = {})
  defaults = {}
  defaults[:expires]   = Time.now + _session_expiry if _session_expiry > 0
  defaults[:domain]    = _default_cookie_domain if _default_cookie_domain
  defaults[:secure]    = _session_secure
  defaults[:http_only] = _session_http_only
  cookies.set_cookie(_session_id_key, value, defaults.merge(options))
end