Object
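Rack::Session::Cookie provides simple cookie-based session management. The session is a Ruby Hash stored as base64-encoded marshalled data in the cookie named by :key (default: rack.session). When the :secret option is set, an HMAC of the cookie data is appended and checked on load to verify data integrity. The session contents are still only encoded, not encrypted, so the client can read them. When :secret is not set, the cookie is passed to Marshal.load without any verification, so set a secret whenever clients are not fully trusted.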
Example:
  use Rack::Session::Cookie, :key => 'rack.session', :domain => 'foo.com', :path => '/', :expire_after => 2592000, :secret => 'change_me'

All parameters are optional.
# File lib/rack/session/cookie.rb, line 26
#
# Stores the wrapped application and the cookie settings.
#
# app     - the next Rack application in the stack.
# options - Hash of settings. :key names the cookie (falls back to
#           "rack.session"); :secret, when given, is kept in @secret and used
#           to sign and verify the cookie. Every entry in options is also
#           merged over the :domain / :path / :expire_after defaults.
#
# With no :secret, @secret stays nil and the cookie is neither signed on
# commit nor verified on load.
#
# NOTE(review): the whole options hash is merged, so :secret and :key also end
# up in @default_options, which load_session copies into
# env["rack.session.options"]. Whether anything downstream reads or logs that
# env entry is not visible here - confirm before relying on the secret staying
# private to this middleware.
def initialize(app, options={})
  cookie_defaults = {:domain => nil, :path => "/", :expire_after => nil}

  @app = app
  @secret = options[:secret]
  @key = options[:key] || "rack.session"
  @default_options = cookie_defaults.merge(options)
end
# File lib/rack/session/cookie.rb, line 63
#
# Serialises env["rack.session"] into the session cookie and returns the
# response triple unchanged apart from the added header.
#
# The session is dumped with Marshal and base64-encoded. When @secret is set,
# "--" plus the HMAC of the encoded data is appended so load_session can
# detect tampering. The value is encoded, not encrypted: the client can read it.
#
# If the cookie value would exceed 4096 bytes minus the cookie name length,
# a warning is written to env["rack.errors"] and no cookie is set.
#
# env     - Rack environment; reads "rack.session", "rack.session.options"
#           and "rack.errors".
# status, headers, body - the response being returned; headers is mutated
#           through Utils.set_cookie_header!.
#
# Returns [status, headers, body].
#
# NOTE(review): every entry of env["rack.session.options"] is merged into the
# hash handed to Utils.set_cookie_header!. Which attributes (for example
# :secure or :httponly) that helper actually emits is not visible here - confirm.
def commit_session(env, status, headers, body)
  encoded = [Marshal.dump(env["rack.session"])].pack("m*")

  # Sign only when a secret was configured; unsigned cookies carry no digest.
  encoded = "#{encoded}--#{generate_hmac(encoded)}" if @secret

  if encoded.size <= (4096 - @key.size)
    session_options = env["rack.session.options"]
    lifetime = session_options[:expire_after]

    cookie = {:value => encoded}
    cookie[:expires] = Time.now + lifetime unless lifetime.nil?
    Utils.set_cookie_header!(headers, @key, cookie.merge(session_options))
  else
    env["rack.errors"].puts("Warning! Rack::Session::Cookie data size exceeds 4K. Content dropped.")
  end

  [status, headers, body]
end
# File lib/rack/session/cookie.rb, line 84
#
# Returns the hex-encoded HMAC-SHA1 of data, keyed with @secret.
#
# data - the String to authenticate (the base64-encoded session in this file).
#
# Both callers in this file check @secret before calling, so @secret is
# expected to be non-nil here.
#
# NOTE(review): moving to a SHA-2 digest would change the signature format and
# invalidate cookies already issued, so it needs a migration plan rather than
# a drop-in swap.
def generate_hmac(data)
  sha1 = OpenSSL::Digest::SHA1.new
  OpenSSL::HMAC.hexdigest(sha1, @secret, data)
end
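# File lib/rack/session/cookie.rb, line 43
#
# Reads the session cookie named @key from the request, verifies it when a
# secret is configured, and stores the resulting session in
# env["rack.session"]. env["rack.session.options"] is reset to a copy of
# @default_options.
#
# env - Rack environment for the current request.
#
# Any cookie that is missing, fails verification, or cannot be decoded yields
# an empty Hash session.
#
# Changes from the previous version:
# * The digest is compared in constant time instead of with String#==, so the
#   comparison does not reveal how many leading characters matched.
# * A cookie with an empty value (where split("--") yields no payload) is
#   rejected up front. Previously generate_hmac(nil) raised outside the rescue.
#
# SECURITY: Marshal.load can instantiate arbitrary objects. With @secret set it
# only ever sees data whose HMAC verified; with @secret nil it is fed the
# client-supplied cookie as received. Configure :secret whenever clients are
# not fully trusted.
def load_session(env)
  request = Rack::Request.new(env)
  session_data = request.cookies[@key]

  if @secret && session_data
    payload, digest = session_data.split("--")
    session_data = nil # stays nil unless the signature verifies below

    if payload && digest
      expected = generate_hmac(payload)

      # Constant-time comparison: always walk every byte and OR the
      # differences together. Newer Rack releases provide
      # Rack::Utils.secure_compare for the same purpose.
      if digest.bytesize == expected.bytesize
        mismatch = 0
        digest.unpack("C*").zip(expected.unpack("C*")) { |given, wanted| mismatch |= given ^ wanted }
        session_data = payload if mismatch.zero?
      end
    end
  end

  env["rack.session"] =
    begin
      # No cookie or a rejected cookie: start with an empty session.
      session_data ? Marshal.load(session_data.unpack("m*").first) : Hash.new
    rescue StandardError
      # Malformed base64 or marshal data is treated like a missing cookie.
      Hash.new
    end

  env["rack.session.options"] = @default_options.dup
end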