Abstract::ID
Rack::Session::Cookie provides simple cookie based session management. By default, the session is a Ruby Hash stored as base64 encoded marshalled data set to :key (default: rack.session). The object that encodes the session data is configurable and must respond to encode and decode. Both methods must take a string and return a string.
When the secret key is set, cookie data is checked for data integrity. The old secret key is also accepted and allows graceful secret rotation.
Example:
use Rack::Session::Cookie, :key => 'rack.session', :domain => 'foo.com', :path => '/', :expire_after => 2592000, :secret => 'change_me', :old_secret => 'also_change_me' All parameters are optional.
Example of a cookie with no encoding:
Rack::Session::Cookie.new(application, { :coder => Rack::Session::Cookie::Identity.new })
Example of a cookie with custom encoding:
Rack::Session::Cookie.new(application, { :coder => Class.new { def encode(str); str.reverse; end def decode(str); str.reverse; end }.new })
# File lib/rack/session/cookie.rb, line 150 150: def destroy_session(env, session_id, options) 151: # Nothing to do here, data is in the client 152: generate_sid unless options[:drop] 153: end
# File lib/rack/session/cookie.rb, line 97 97: def extract_session_id(env) 98: unpacked_cookie_data(env)["session_id"] 99: end
# File lib/rack/session/cookie.rb, line 155 155: def generate_hmac(data, secret) 156: OpenSSL::HMAC.hexdigest(OpenSSL::Digest::SHA1.new, secret, data) 157: end
# File lib/rack/session/cookie.rb, line 91 91: def load_session(env) 92: data = unpacked_cookie_data(env) 93: data = persistent_session_id!(data) 94: [data["session_id"], data] 95: end
# File lib/rack/session/cookie.rb, line 122 122: def persistent_session_id!(data, sid=nil) 123: data ||= {} 124: data["session_id"] ||= sid || generate_sid 125: data 126: end
# File lib/rack/session/cookie.rb, line 134 134: def set_session(env, session_id, session, options) 135: session = session.merge("session_id" => session_id) 136: session_data = coder.encode(session) 137: 138: if @secrets.first 139: session_data = "#{session_data}--#{generate_hmac(session_data, @secrets.first)}" 140: end 141: 142: if session_data.size > (4096 - @key.size) 143: env["rack.errors"].puts("Warning! Rack::Session::Cookie data size exceeds 4K.") 144: nil 145: else 146: session_data 147: end 148: end
Disabled; run with --debug to generate this.
Generated with the Darkfish Rdoc Generator 1.1.6.