
Rack::Session::Cookie

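Rack::Session::Cookie provides simple cookie-based session management. The session is a Ruby Hash that is marshalled, base64-encoded and stored in the cookie named by :key (default: rack.session). When :secret is set, an HMAC of the cookie data is appended and verified on each request. When it is not set, the cookie is not integrity-checked, and whatever the client sends is base64-decoded and passed to Marshal.load. In both cases the data is only encoded, not encrypted, so the client can read the session contents.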

Example:

    use Rack::Session::Cookie, :key => 'rack.session',
                               :domain => 'foo.com',
                               :path => '/',
                               :expire_after => 2592000,
                               :secret => 'change_me'

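    All parameters are optional. If :secret is omitted, the session cookie is not signed; 'change_me' is a placeholder and should be replaced with a long random value that is kept out of source control.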

Public Class Methods

new(app, options={}) click to toggle source
    # File lib/rack/session/cookie.rb, line 26
# Builds the middleware around +app+.
#
# Recognised options (all optional):
#   :key          - cookie name, falls back to "rack.session"
#   :secret       - HMAC key; when nil the cookie is written and read unsigned
#   :domain, :path, :expire_after - cookie attributes
#
# NOTE(review): the caller's whole options hash is merged into
# @default_options, so :secret and :key are stored there alongside the
# cookie attributes.
def initialize(app, options={})
  @app = app
  @secret = options[:secret]
  @key = options[:key] || "rack.session"

  cookie_defaults = {:domain => nil, :path => "/", :expire_after => nil}
  @default_options = cookie_defaults.merge(options)
end

Public Instance Methods

call(env) click to toggle source
    # File lib/rack/session/cookie.rb, line 35
# Rack entry point: restores the session from the request cookie, runs the
# wrapped application, then writes the (possibly modified) session back into
# the response headers. Returns the [status, headers, body] triple produced
# by commit_session.
def call(env)
  load_session(env)
  code, response_headers, response_body = @app.call(env)
  commit_session(env, code, response_headers, response_body)
end

Private Instance Methods

commit_session(env, status, headers, body) click to toggle source
    # File lib/rack/session/cookie.rb, line 63
# Serialises env["rack.session"] and stores it in the response cookie.
#
# The session is Marshal-dumped and base64-encoded; when @secret is set the
# encoded string is followed by "--" and its HMAC. The value is signed, not
# encrypted, so the client can decode and read it.
#
# If the encoded value would not fit in 4096 bytes minus the cookie name, no
# cookie is set and a warning is written to env["rack.errors"].
#
# Returns [status, headers, body]; headers is modified in place by
# Utils.set_cookie_header! when a cookie is written.
def commit_session(env, status, headers, body)
  encoded = [Marshal.dump(env["rack.session"])].pack("m*")
  encoded = "#{encoded}--#{generate_hmac(encoded)}" if @secret

  if encoded.size <= (4096 - @key.size)
    settings = env["rack.session.options"]
    cookie = {:value => encoded}
    unless settings[:expire_after].nil?
      cookie[:expires] = Time.now + settings[:expire_after]
    end
    # Entries in the session options win over :value / :expires on collision.
    Utils.set_cookie_header!(headers, @key, cookie.merge(settings))
  else
    env["rack.errors"].puts("Warning! Rack::Session::Cookie data size exceeds 4K. Content dropped.")
  end

  [status, headers, body]
end
generate_hmac(data) click to toggle source
    # File lib/rack/session/cookie.rb, line 84
# Returns the hex-encoded HMAC-SHA1 of +data+, keyed with @secret.
# Used to sign the cookie value on write and to recompute the expected
# signature on read.
def generate_hmac(data)
  sha1 = OpenSSL::Digest::SHA1.new
  OpenSSL::HMAC.hexdigest(sha1, @secret, data)
end
load_session(env) click to toggle source
    # File lib/rack/session/cookie.rb, line 43
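# Restores the session from the request cookie into env["rack.session"] and
# puts a copy of the default cookie options into env["rack.session.options"].
#
# When @secret is set the cookie must have the form "<payload>--<hmac>".
# The payload is accepted only if the HMAC recomputed by generate_hmac
# matches. Any cookie that is missing, malformed, unsigned or fails
# verification yields an empty Hash.
#
# Changes from the previous version:
# * a cookie with no payload or no digest part (for example "" or "--") is
#   rejected before generate_hmac is called, instead of handing nil to the
#   HMAC routine outside the rescue block;
# * the digest comparison no longer stops at the first differing byte.
def load_session(env)
  request = Rack::Request.new(env)
  session_data = request.cookies[@key]

  if @secret && session_data
    payload, digest = session_data.split("--")
    session_data = nil

    if payload && digest
      expected = generate_hmac(payload)
      # Compare every byte so the time taken does not depend on how many
      # leading bytes of the supplied digest happen to be correct.
      if digest.bytesize == expected.bytesize
        mismatch = 0
        digest.unpack("C*").zip(expected.unpack("C*")) { |x, y| mismatch |= x ^ y }
        session_data = payload if mismatch == 0
      end
    end
  end

  begin
    session_data = session_data.unpack("m*").first
    # SECURITY: Marshal.load can instantiate arbitrary objects. With @secret
    # set, only data carrying a valid HMAC reaches this line. With @secret
    # unset, the bytes come straight from the client's cookie, so deployments
    # should always configure :secret.
    session_data = Marshal.load(session_data)
    env["rack.session"] = session_data
  rescue
    # Missing, rejected or undecodable cookie: start with an empty session.
    env["rack.session"] = Hash.new
  end

  env["rack.session.options"] = @default_options.dup
end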
