class ActionDispatch::Session::AbstractStore
def call(env)
def call(env) prepare!(env) response = @app.call(env) session_data = env[ENV_SESSION_KEY] options = env[ENV_SESSION_OPTIONS_KEY] if !session_data.is_a?(AbstractStore::SessionHash) || session_data.loaded? || options[:expire_after] session_data.send(:load!) if session_data.is_a?(AbstractStore::SessionHash) && !session_data.loaded? sid = options[:id] || generate_sid session_data = session_data.to_hash value = set_session(env, sid, session_data) return response unless value cookie = { :value => value } unless options[:expire_after].nil? cookie[:expires] = Time.now + options.delete(:expire_after) end request = ActionDispatch::Request.new(env) set_cookie(request, cookie.merge!(options)) end response end
def current_session_id(env)
def current_session_id(env) env[ENV_SESSION_OPTIONS_KEY][:id] end
def destroy(env)
def destroy(env) raise '#destroy needs to be implemented.' end
def ensure_session_key!
def ensure_session_key! if @key.blank? raise ArgumentError, 'A key is required to write a ' + 'cookie containing the session data. Use ' + 'config.session_store SESSION_STORE, { :key => ' + '"_myapp_session" } in config/application.rb' end end
def exists?(env)
def exists?(env) current_session_id(env).present? end
def extract_session_id(env)
def extract_session_id(env) stale_session_check! do request = ActionDispatch::Request.new(env) sid = request.cookies[@key] sid ||= request.params[@key] unless @cookie_only sid end end
def generate_sid
def generate_sid ActiveSupport::SecureRandom.hex(16) end
def get_session(env, sid)
def get_session(env, sid) raise '#get_session needs to be implemented.' end
def initialize(app, options = {})
def initialize(app, options = {}) @app = app @default_options = DEFAULT_OPTIONS.merge(options) @key = @default_options.delete(:key).freeze @cookie_only = @default_options.delete(:cookie_only) ensure_session_key! end
def load_session(env)
def load_session(env) stale_session_check! do sid = current_session_id(env) sid, session = get_session(env, sid) [sid, session] end end
def prepare!(env)
def prepare!(env) env[ENV_SESSION_KEY] = SessionHash.new(self, env) env[ENV_SESSION_OPTIONS_KEY] = OptionsHash.new(self, env, @default_options) end
def set_cookie(request, options)
def set_cookie(request, options) if request.cookie_jar[@key] != options[:value] || !options[:expires].nil? request.cookie_jar[@key] = options end end
def set_session(env, sid, session_data)
def set_session(env, sid, session_data) raise '#set_session needs to be implemented and should return ' << 'the value to be stored in the cookie (usually the sid)' end
def stale_session_check!
def stale_session_check! yield rescue ArgumentError => argument_error if argument_error.message =~ %r{undefined class/module ([\w:]*\w)} begin # Note that the regexp does not allow $1 to end with a ':' $1.constantize rescue LoadError, NameError => const_error raise ActionDispatch::Session::SessionRestoreError, "Session contains objects whose class definition isn't available.\nRemember to require the classes for all objects kept in the session.\n(Original exception: #{const_error.message} [#{const_error.class}])\n" end retry else raise end end