Class: Merb::CookieSession
- Defined in:
- lib/merb-core/dispatch/session/cookie.rb
Overview
If you have more than 4K of session data or don’t want your data to be visible to the user, pick another session store.
CookieOverflow is raised if you attempt to store more than 4K of data. TamperedWithCookie is raised if the data integrity check fails.
A message digest is included with the cookie to ensure data integrity: a user cannot alter session data without knowing the secret key included in the hash.
To use Cookie Sessions, set in config/merb.yml
:session_secret_key - your secret digest key
:session_store: cookie
Defined Under Namespace
Classes: CookieOverflow, TamperedWithCookie
Constant Summary collapse
- MAX =
Cookies can typically store 4096 bytes.
4096
- DIGEST =
or MD5, RIPEMD160, SHA256?
OpenSSL::Digest::Digest.new('SHA1')
Instance Attribute Summary collapse
-
#data ⇒ Object
readonly
Returns the value of attribute data.
Instance Method Summary collapse
-
#[](k) ⇒ Object
Parameters k<~to_s>:: The key of the session parameter to retrieve.
-
#[]=(k, v) ⇒ Object
Parameters k<~to_s>:: The key of the session parameter to set.
-
#delete ⇒ Object
Deletes the session by emptying stored data.
-
#each(&b) ⇒ Object
Yields the session data to an each block.
-
#initialize(cookie, secret) ⇒ CookieSession
constructor
Parameters cookie<String>:: The cookie.
-
#read_cookie ⇒ Object
Returns String:: Cookie value.
Constructor Details
#initialize(cookie, secret) ⇒ CookieSession
Parameters
- cookie<String>
-
The cookie.
- secret<String>
-
A session secret.
Raises
- ArgumentError
-
Nil or blank secret.
71 72 73 74 75 76 77 |
# File 'lib/merb-core/dispatch/session/cookie.rb', line 71 def initialize(, secret) if secret.nil? or secret.blank? raise ArgumentError, 'A secret is required to generate an integrity hash for cookie session data.' end @secret = secret @data = unmarshal() || Hash.new end |
Dynamic Method Handling
This class handles dynamic methods through the method_missing method
#method_missing(name, *args, &block) ⇒ Object (private)
Attempts to redirect any messages to the data object.
124 125 126 |
# File 'lib/merb-core/dispatch/session/cookie.rb', line 124 def method_missing(name, *args, &block) @data.send(name, *args, &block) end |
Instance Attribute Details
#data ⇒ Object (readonly)
Returns the value of attribute data.
63 64 65 |
# File 'lib/merb-core/dispatch/session/cookie.rb', line 63 def data @data end |
Instance Method Details
#[](k) ⇒ Object
Parameters
- k<~to_s>
-
The key of the session parameter to retrieve.
Returns
- String
-
The value of the session parameter.
104 105 106 |
# File 'lib/merb-core/dispatch/session/cookie.rb', line 104 def [](k) @data[k] end |
#[]=(k, v) ⇒ Object
Parameters
- k<~to_s>
-
The key of the session parameter to set.
- v<~to_s>
-
The value of the session parameter to set.
95 96 97 |
# File 'lib/merb-core/dispatch/session/cookie.rb', line 95 def []=(k, v) @data[k] = v end |
#delete ⇒ Object
Deletes the session by emptying stored data.
117 118 119 |
# File 'lib/merb-core/dispatch/session/cookie.rb', line 117 def delete @data = {} end |
#each(&b) ⇒ Object
Yields the session data to an each block.
Parameter
- &b
-
The block to pass to each.
112 113 114 |
# File 'lib/merb-core/dispatch/session/cookie.rb', line 112 def each(&b) @data.each(&b) end |
#read_cookie ⇒ Object
Returns
- String
-
Cookie value.
Raises
- CookieOverflow
-
Session contains too much information.
84 85 86 87 88 89 90 |
# File 'lib/merb-core/dispatch/session/cookie.rb', line 84 def unless @data.nil? or @data.empty? updated = marshal(@data) raise CookieOverflow if updated.size > MAX updated end end |