Module: Merb::SessionMixin::RequestMixin

Defined in:

lib/merb-core/dispatch/session.rb

Defined Under Namespace

Modules: ClassMethods

Class Method Summary

• .included(base) ⇒ Object

  Adds class methods to Merb::Request object.

Instance Method Summary

• #default_cookies ⇒ Object

  Assign default cookie values.

• #default_session_store ⇒ Object

  The default session store type.

• #destroy_session_cookie ⇒ Object

  Destroy the session cookie.

• #finalize_session ⇒ Object (also: #finalize_sessions)

  Teardown and/or persist the current sessions.

• #session(session_store = nil) ⇒ Object

  Returns session container.

• #session=(new_session) ⇒ Object

  Parameters new_session<Merb::SessionContainer>:: A session store instance.

• #session?(session_store = nil) ⇒ Boolean

  Whether a session has been setup.

• #session_cookie_value ⇒ Object (also: #session_id)

  Returns String:: The value of the session cookie; either the session id or the actual encoded data.

• #session_stores ⇒ Object

  Returns Hash:: All active session stores by type.

• #set_session_cookie_value(value, options = {}) ⇒ Object (also: #set_session_id_cookie)

  Sets session cookie value.

Class Method Details

.included(base) ⇒ Object

Adds class methods to Merb::Request object. Sets up repository of session store types. Sets the session ID key and expiry values.

:api: private

# File 'lib/merb-core/dispatch/session.rb', line 125

def self.included(base)
  base.extend ClassMethods
  
  # Keep track of all known session store types.
  base.cattr_accessor :registered_session_types
  base.registered_session_types = Dictionary.new
  base.class_inheritable_accessor :_session_id_key, :_session_secret_key,
                                  :_session_expiry, :_session_secure,
                                  :_session_http_only, :_default_cookie_domain
  
  base._session_id_key        = Merb::Config[:session_id_key] || '_session_id'
  base._session_expiry        = Merb::Config[:session_expiry] || 0
  base._session_secret_key    = Merb::Config[:session_secret_key]
  base._session_secure        = Merb::Config[:session_secure] || false
  base._session_http_only     = Merb::Config[:session_http_only] || false
  base._default_cookie_domain = Merb::Config[:default_cookie_domain]
end

Instance Method Details

#default_cookies ⇒ Object

Assign default cookie values

:api: private

# File 'lib/merb-core/dispatch/session.rb', line 245

def default_cookies
  defaults = {}
  if route && route.allow_fixation? && params.key?(_session_id_key)
    Merb.logger.info("Fixated session id: #{_session_id_key}")
    defaults[_session_id_key] = params[_session_id_key]
  end
  defaults
end

#default_session_store ⇒ Object

The default session store type.

:api: private

# File 'lib/merb-core/dispatch/session.rb', line 162

def default_session_store
  Merb::Config[:session_store] && Merb::Config[:session_store].to_sym
end

#destroy_session_cookie ⇒ Object

Destroy the session cookie.

:api: private

# File 'lib/merb-core/dispatch/session.rb', line 283

def destroy_session_cookie
  cookies.delete(_session_id_key)
end

#finalize_session ⇒ Object Also known as: finalize_sessions

Teardown and/or persist the current sessions.

:api: private

# File 'lib/merb-core/dispatch/session.rb', line 237

def finalize_session
  session_stores.each { |name, store| store.finalize(self) }
end

#session(session_store = nil) ⇒ Object

Returns session container. Merb is able to handle multiple session stores, hence a parameter to pick it.

Parameters

session_store<String>

The type of session store to access,

defaults to default_session_store.

Notes

If no suitable session store type is given, it defaults to cookie-based sessions.

Returns

SessionContainer

an instance of a session store extending Merb::SessionContainer.

:api: public

# File 'lib/merb-core/dispatch/session.rb', line 190

def session(session_store = nil)
  session_store ||= default_session_store
  if class_name = self.class.registered_session_types[session_store]
    session_stores[session_store] ||= Object.full_const_get(class_name).setup(self)
  elsif fallback = self.class.registered_session_types.keys.first
    Merb.logger.warn "Session store '#{session_store}' not found. Check your configuration in init file."
    Merb.logger.warn "Falling back to #{fallback} session store."
    session(fallback)
  else
    msg = "No session store set. Set it in init file like this: c[:session_store] = 'activerecord'"
    Merb.logger.error!(msg)
    raise NoSessionContainer, msg            
  end
end

#session=(new_session) ⇒ Object

Parameters

new_session<Merb::SessionContainer>

A session store instance.

Notes

The session is assigned internally by its session_store_type key.

:api: private

# File 'lib/merb-core/dispatch/session.rb', line 212

def session=(new_session)
  if self.session?(new_session.class.session_store_type)
    original_session_id = self.session(new_session.class.session_store_type).session_id
    if new_session.session_id != original_session_id
      set_session_id_cookie(new_session.session_id)
    end
  end
  session_stores[new_session.class.session_store_type] = new_session
end

#session?(session_store = nil) ⇒ Boolean

Whether a session has been setup

Returns

Boolean

true if the session is part of the session stores configured.

:api: private

Returns:

• (Boolean)

# File 'lib/merb-core/dispatch/session.rb', line 228

def session?(session_store = nil)
  (session_store ? [session_store] : session_stores).any? do |type, store|
    store.is_a?(Merb::SessionContainer)
  end
end

#session_cookie_value ⇒ Object Also known as: session_id

Returns

String

The value of the session cookie; either the session id or the actual encoded data.

:api: private

# File 'lib/merb-core/dispatch/session.rb', line 275

def session_cookie_value
  cookies[_session_id_key]
end

#session_stores ⇒ Object

Returns

Hash

All active session stores by type.

:api: private

# File 'lib/merb-core/dispatch/session.rb', line 170

def session_stores
  @session_stores ||= {}
end

#set_session_cookie_value(value, options = {}) ⇒ Object Also known as: set_session_id_cookie

Sets session cookie value.

Parameters

value<String>

The value of the session cookie; either the session id or the actual encoded data.

options<Hash>

Cookie options like domain, path and expired.

:api: private

# File 'lib/merb-core/dispatch/session.rb', line 261

def set_session_cookie_value(value, options = {})
  defaults = {}
  defaults[:expires]   = Time.now + _session_expiry if _session_expiry > 0
  defaults[:domain]    = _default_cookie_domain if _default_cookie_domain
  defaults[:secure]    = _session_secure
  defaults[:http_only] = _session_http_only
  cookies.set_cookie(_session_id_key, value, defaults.merge(options))
end