diff --git a/actionpack/lib/action_controller/dispatcher.rb b/actionpack/lib/action_controller/dispatcher.rb index aa00eecea7b4a9be1d378b19ee768843059a3e38..f0897d98b281051182cb70be71d1dec8825ee5c8 100644 --- a/actionpack/lib/action_controller/dispatcher.rb +++ b/actionpack/lib/action_controller/dispatcher.rb @@ -44,9 +44,22 @@ def to_prepare(identifier = nil, &block) cattr_accessor :middleware self.middleware = MiddlewareStack.new do |middleware| - middleware.use "ActionController::Lock", :if => lambda { !ActionController::Base.allow_concurrency } + middleware.use "ActionController::Lock", :if => lambda { + !ActionController::Base.allow_concurrency + } middleware.use "ActionController::Failsafe" - middleware.use "ActionController::SessionManagement::Middleware" + + ["ActionController::Session::CookieStore", + "ActionController::Session::MemCacheStore", + "ActiveRecord::SessionStore"].each do |store| + middleware.use(store, ActionController::Base.session_options, + :if => lambda { + if session_store = ActionController::Base.session_store + session_store.name == store + end + } + ) + end end include ActiveSupport::Callbacks diff --git a/actionpack/lib/action_controller/middleware_stack.rb b/actionpack/lib/action_controller/middleware_stack.rb index ba99f77b81b13fe044449e9ef876822be85805b1..74f28565c0328191694d1bf8521cecb5efc3c367 100644 --- a/actionpack/lib/action_controller/middleware_stack.rb +++ b/actionpack/lib/action_controller/middleware_stack.rb @@ -1,14 +1,10 @@ module ActionController class MiddlewareStack < Array class Middleware - attr_reader :klass, :args, :block + attr_reader :args, :block def initialize(klass, *args, &block) - if klass.is_a?(Class) - @klass = klass - else - @klass = klass.to_s.constantize - end + @klass = klass options = args.extract_options! if options.has_key?(:if) @@ -22,6 +18,14 @@ def initialize(klass, *args, &block) @block = block end + def klass + if @klass.is_a?(Class) + @klass + else + @klass.to_s.constantize + end + end + def active? if @conditional.respond_to?(:call) @conditional.call diff --git a/actionpack/lib/action_controller/session/abstract_store.rb b/actionpack/lib/action_controller/session/abstract_store.rb index 7874ee5a283661da27c30f980df8ee0cc4542de8..2218152c2cae565a4e3d2d649dc8c9d981ed49dd 100644 --- a/actionpack/lib/action_controller/session/abstract_store.rb +++ b/actionpack/lib/action_controller/session/abstract_store.rb @@ -60,7 +60,7 @@ def load! end DEFAULT_OPTIONS = { - :key => 'rack.session', + :key => '_session_id', :path => '/', :domain => nil, :expire_after => nil, @@ -70,6 +70,18 @@ def load! } def initialize(app, options = {}) + # Process legacy CGI options + options = options.symbolize_keys + if options.has_key?(:session_path) + options[:path] = options.delete(:session_path) + end + if options.has_key?(:session_key) + options[:key] = options.delete(:session_key) + end + if options.has_key?(:session_http_only) + options[:httponly] = options.delete(:session_http_only) + end + @app = app @default_options = DEFAULT_OPTIONS.merge(options) @key = @default_options[:key] diff --git a/actionpack/lib/action_controller/session/cookie_store.rb b/actionpack/lib/action_controller/session/cookie_store.rb index ce3cf354fd5de2fc0bc4b5e270dc25f6eaed3d68..158c940cc263912045657fe583659ef0f4165e73 100644 --- a/actionpack/lib/action_controller/session/cookie_store.rb +++ b/actionpack/lib/action_controller/session/cookie_store.rb @@ -41,9 +41,11 @@ class CookieStore SECRET_MIN_LENGTH = 30 # characters DEFAULT_OPTIONS = { - :domain => nil, - :path => "/", - :expire_after => nil + :key => '_session_id', + :domain => nil, + :path => "/", + :expire_after => nil, + :httponly => false }.freeze ENV_SESSION_KEY = "rack.session".freeze @@ -56,6 +58,18 @@ class CookieOverflow < StandardError; end def initialize(app, options = {}) options = options.dup + # Process legacy CGI options + options = options.symbolize_keys + if options.has_key?(:session_path) + options[:path] = options.delete(:session_path) + end + if options.has_key?(:session_key) + options[:key] = options.delete(:session_key) + end + if options.has_key?(:session_http_only) + options[:httponly] = options.delete(:session_http_only) + end + @app = app # The session_key option is required. diff --git a/actionpack/lib/action_controller/session_management.rb b/actionpack/lib/action_controller/session_management.rb index a9989d819875c166691a9a88439992798491774b..f06a0da75ca0ee0fe7d0cd1a6749830ea48bd1f1 100644 --- a/actionpack/lib/action_controller/session_management.rb +++ b/actionpack/lib/action_controller/session_management.rb @@ -6,35 +6,6 @@ def self.included(base) end end - class Middleware - DEFAULT_OPTIONS = { - :path => "/", - :key => "_session_id", - :httponly => true, - }.freeze - - def self.new(app) - cgi_options = ActionController::Base.session_options - options = cgi_options.symbolize_keys - options = DEFAULT_OPTIONS.merge(options) - if options.has_key?(:session_path) - options[:path] = options.delete(:session_path) - end - if options.has_key?(:session_key) - options[:key] = options.delete(:session_key) - end - if options.has_key?(:session_http_only) - options[:httponly] = options.delete(:session_http_only) - end - - if store = ActionController::Base.session_store - store.new(app, options) - else # Sessions disabled - lambda { |env| app.call(env) } - end - end - end - module ClassMethods # Set the session store to be used for keeping the session data between requests. # By default, sessions are stored in browser cookies (:cookie_store),