Methods
Included Modules
Classes and Modules
Module ActionController::Session::AbstractStore::SessionUtils
Class ActionController::Session::AbstractStore::OptionsHash
Class ActionController::Session::AbstractStore::SessionHash
Constants
ENV_SESSION_KEY = 'rack.session'.freeze
ENV_SESSION_OPTIONS_KEY = 'rack.session.options'.freeze
HTTP_COOKIE = 'HTTP_COOKIE'.freeze
SET_COOKIE = 'Set-Cookie'.freeze
DEFAULT_OPTIONS = { :key => '_session_id', :path => '/', :domain => nil, :expire_after => nil, :secure => false, :httponly => true, :cookie_only => true
Public Class methods
new(app, options = {})
     # File actionpack/lib/action_controller/session/abstract_store.rb, line 150
150:       def initialize(app, options = {})
151:         # Process legacy CGI options
152:         options = options.symbolize_keys
153:         if options.has_key?(:session_path)
154:           ActiveSupport::Deprecation.warn "Giving :session_path to SessionStore is deprecated, " <<
155:             "please use :path instead", caller
156:           options[:path] = options.delete(:session_path)
157:         end
158:         if options.has_key?(:session_key)
159:           ActiveSupport::Deprecation.warn "Giving :session_key to SessionStore is deprecated, " <<
160:             "please use :key instead", caller
161:           options[:key] = options.delete(:session_key)
162:         end
163:         if options.has_key?(:session_http_only)
164:           ActiveSupport::Deprecation.warn "Giving :session_http_only to SessionStore is deprecated, " <<
165:             "please use :httponly instead", caller
166:           options[:httponly] = options.delete(:session_http_only)
167:         end
168: 
169:         @app = app
170:         @default_options = DEFAULT_OPTIONS.merge(options)
171:         @key = @default_options[:key]
172:         @cookie_only = @default_options[:cookie_only]
173:       end
Public Instance methods
call(env)
     # File actionpack/lib/action_controller/session/abstract_store.rb, line 175
175:       def call(env)
176:         prepare!(env)
177:         response = @app.call(env)
178: 
179:         session_data = env[ENV_SESSION_KEY]
180:         options = env[ENV_SESSION_OPTIONS_KEY]
181: 
182:         if !session_data.is_a?(AbstractStore::SessionHash) || session_data.loaded? || options[:expire_after]
183:           request = ActionController::Request.new(env)
184: 
185:           return response if (options[:secure] && !request.ssl?)
186:         
187:           session_data.send(:load!) if session_data.is_a?(AbstractStore::SessionHash) && !session_data.loaded?
188: 
189:           sid = options[:id] || generate_sid
190: 
191:           unless set_session(env, sid, session_data.to_hash)
192:             return response
193:           end
194: 
195:           request_cookies = env["rack.request.cookie_hash"]
196: 
197:           if (request_cookies.nil? || request_cookies[@key] != sid) || options[:expire_after]
198:             cookie = Rack::Utils.escape(@key) + '=' + Rack::Utils.escape(sid)
199:             cookie << "; domain=#{options[:domain]}" if options[:domain]
200:             cookie << "; path=#{options[:path]}" if options[:path]
201:             if options[:expire_after]
202:               expiry = Time.now + options[:expire_after]
203:               cookie << "; expires=#{expiry.httpdate}"
204:             end
205:             cookie << "; secure" if options[:secure]
206:             cookie << "; HttpOnly" if options[:httponly]
207: 
208:             headers = response[1]
209:             unless headers[SET_COOKIE].blank?
210:               headers[SET_COOKIE] << "\n#{cookie}"
211:             else
212:               headers[SET_COOKIE] = cookie
213:             end
214:           end
215:         end
216: 
217:         response
218:       end