Module | ActionController::SessionManagement::ClassMethods |
In: |
vendor/rails/actionpack/lib/action_controller/session_management.rb
|
Specify how sessions ought to be managed for a subset of the actions on the controller. Like filters, you can specify :only and :except clauses to restrict the subset, otherwise options apply to all actions on this controller.
The session options are inheritable, as well, so if you specify them in a parent controller, they apply to controllers that extend the parent.
Usage:
# turn off session management for all actions. session :off # turn off session management for all actions _except_ foo and bar. session :off, :except => %w(foo bar) # turn off session management for only the foo and bar actions. session :off, :only => %w(foo bar) # the session will only work over HTTPS, but only for the foo action session :only => :foo, :session_secure => true # the session will only be disabled for 'foo', and only if it is # requested as a web service session :off, :only => :foo, :if => Proc.new { |req| req.parameters[:ws] } # the session will be disabled for non html/ajax requests session :off, :if => Proc.new { |req| !(req.format.html? || req.format.js?) } # turn the session back on, useful when it was turned off in the # application controller, and you need it on in another controller session :on
All session options described for ActionController::Base.process_cgi are valid arguments.
# File vendor/rails/actionpack/lib/action_controller/session_management.rb, line 78 78: def session(*args) 79: options = args.extract_options! 80: 81: options[:disabled] = false if args.delete(:on) 82: options[:disabled] = true if !args.empty? 83: options[:only] = [*options[:only]].map { |o| o.to_s } if options[:only] 84: options[:except] = [*options[:except]].map { |o| o.to_s } if options[:except] 85: if options[:only] && options[:except] 86: raise ArgumentError, "only one of either :only or :except are allowed" 87: end 88: 89: write_inheritable_array("session_options", [options]) 90: end
Returns the hash used to configure the session. Example use:
ActionController::Base.session_options[:session_secure] = true # session only available over HTTPS
# File vendor/rails/actionpack/lib/action_controller/session_management.rb, line 37 37: def session_options 38: ActionController::CgiRequest::DEFAULT_SESSION_OPTIONS 39: end
Set the session store to be used for keeping the session data between requests. By default, sessions are stored in browser cookies (:cookie_store), but you can also specify one of the other included stores (:active_record_store, :p_store, :drb_store, :mem_cache_store, or :memory_store) or your own custom class.
# File vendor/rails/actionpack/lib/action_controller/session_management.rb, line 24 24: def session_store=(store) 25: ActionController::CgiRequest::DEFAULT_SESSION_OPTIONS[:database_manager] = 26: store.is_a?(Symbol) ? CGI::Session.const_get(store == :drb_store ? "DRbStore" : store.to_s.camelize) : store 27: end