Class: Rack::Session::EncryptedCookie

Inherits:
Object
Defined in:
lib/encrypted_cookie.rb

Overview

Rack::Session::EncryptedCookie provides AES-128-encrypted, tamper-proof cookie-based session management.

The session is Marshal’d, HMAC’d, and encrypted.

Example:

use Rack::Session::EncryptedCookie,
  :secret => 'change_me',
  :key => 'rack.session',
  :domain => 'foo.com',
  :path => '/',
  :expire_after => 2592000

All parameters are optional except :secret.
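
The Marshal, HMAC and encrypt steps named in the overview, sketched as an added example; this is not the gem's own code or cookie format. The module name `SealedCookie`, the key-separation labels, CBC mode and the `iv || ciphertext || tag` layout are assumptions. The HMAC is checked before decryption and before `Marshal.load`, so unauthenticated bytes never reach the deserializer.

```ruby
require 'openssl'

# Hypothetical helper for illustration; not part of Rack::Session::EncryptedCookie.
module SealedCookie
  CIPHER = 'aes-128-cbc'   # assumed mode; the page only says AES-128
  IV_LEN = 16
  TAG_LEN = 32             # HMAC-SHA256 output size

  # Separate encryption and MAC keys derived from one high-entropy :secret.
  def self.keys(secret)
    [OpenSSL::HMAC.digest('SHA256', secret, 'encrypt')[0, 16],
     OpenSSL::HMAC.digest('SHA256', secret, 'authenticate')]
  end

  # Marshal the session, encrypt it, then MAC the IV and ciphertext.
  def self.seal(session, secret)
    enc_key, mac_key = keys(secret)
    cipher = OpenSSL::Cipher.new(CIPHER).encrypt
    cipher.key = enc_key
    iv = cipher.random_iv
    ct = cipher.update(Marshal.dump(session)) + cipher.final
    tag = OpenSSL::HMAC.digest('SHA256', mac_key, iv + ct)
    [iv + ct + tag].pack('m0')   # strict base64, no newlines
  end

  # Returns the session, or nil when the cookie is malformed or fails the MAC.
  def self.unseal(cookie, secret)
    enc_key, mac_key = keys(secret)
    raw = cookie.to_s.unpack1('m0')
    return nil if raw.bytesize < IV_LEN + 16 + TAG_LEN
    iv  = raw[0, IV_LEN]
    ct  = raw[IV_LEN...-TAG_LEN]
    tag = raw[-TAG_LEN, TAG_LEN]
    expected = OpenSSL::HMAC.digest('SHA256', mac_key, iv + ct)
    # Constant-time comparison; reject before decrypting or unmarshalling.
    return nil unless OpenSSL.fixed_length_secure_compare(expected, tag)
    cipher = OpenSSL::Cipher.new(CIPHER).decrypt
    cipher.key = enc_key
    cipher.iv = iv
    Marshal.load(cipher.update(ct) + cipher.final)
  rescue ArgumentError, OpenSSL::Cipher::CipherError
    nil
  end
end
```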

Constructor Details

#initialize(app, options = {}) ⇒ EncryptedCookie

Returns a new instance of EncryptedCookie.



# File 'lib/encrypted_cookie.rb', line 27

def initialize(app, options={})
  @app = app
  @key = options[:key] || "rack.session"
  @secret = options[:secret]
  fail "Error! A secret is required to use encrypted cookies. Do something like this:\n\nuse Rack::Session::EncryptedCookie, :secret => YOUR_VERY_LONG_VERY_RANDOM_SECRET_KEY_HERE" unless @secret
  @default_options = {:domain => nil,
    :path => "/",
    :expire_after => nil}.merge(options)
end

Instance Method Details

#call(env) ⇒ Object



# File 'lib/encrypted_cookie.rb', line 37

def call(env)
  load_session(env)
  status, headers, body = @app.call(env)
  commit_session(env, status, headers, body)
end