2004-11-25 21:04:35 -05:00
|
|
|
module ActionController #:nodoc:
|
2008-05-02 09:45:23 -04:00
|
|
|
# Cookies are read and written through ActionController#cookies.
|
2004-11-25 21:04:35 -05:00
|
|
|
#
|
2008-05-02 09:45:23 -04:00
|
|
|
# The cookies being read are the ones received along with the request, the cookies
|
|
|
|
# being written will be sent out with the response. Reading a cookie does not get
|
|
|
|
# the cookie object itself back, just the value it holds.
|
|
|
|
#
|
|
|
|
# Examples for writing:
|
|
|
|
#
|
|
|
|
# # Sets a simple session cookie.
|
|
|
|
# cookies[:user_name] = "david"
|
|
|
|
#
|
|
|
|
# # Sets a cookie that expires in 1 hour.
|
2006-08-20 01:28:47 -04:00
|
|
|
# cookies[:login] = { :value => "XJ-122", :expires => 1.hour.from_now }
|
|
|
|
#
|
2004-11-25 21:04:35 -05:00
|
|
|
# Examples for reading:
|
|
|
|
#
|
2005-05-22 04:58:43 -04:00
|
|
|
# cookies[:user_name] # => "david"
|
2008-05-02 09:45:23 -04:00
|
|
|
# cookies.size # => 2
|
2006-08-20 01:28:47 -04:00
|
|
|
#
|
2004-12-16 12:45:37 -05:00
|
|
|
# Example for deleting:
|
|
|
|
#
|
2005-05-22 04:58:43 -04:00
|
|
|
# cookies.delete :user_name
|
2004-11-25 21:04:35 -05:00
|
|
|
#
|
2008-07-16 08:00:36 -04:00
|
|
|
# Please note that if you specify a :domain when setting a cookie, you must also specify the domain when deleting the cookie:
|
|
|
|
#
|
|
|
|
# cookies[:key] = {
|
|
|
|
# :value => 'a yummy cookie',
|
|
|
|
# :expires => 1.year.from_now,
|
|
|
|
# :domain => 'domain.com'
|
|
|
|
# }
|
|
|
|
#
|
|
|
|
# cookies.delete(:key, :domain => 'domain.com')
|
|
|
|
#
|
2008-05-02 09:45:23 -04:00
|
|
|
# The option symbols for setting cookies are:
|
2004-11-25 21:04:35 -05:00
|
|
|
#
|
2008-05-02 09:45:23 -04:00
|
|
|
# * <tt>:value</tt> - The cookie's value or list of values (as an array).
|
|
|
|
# * <tt>:path</tt> - The path for which this cookie applies. Defaults to the root
|
|
|
|
# of the application.
|
|
|
|
# * <tt>:domain</tt> - The domain for which this cookie applies.
|
|
|
|
# * <tt>:expires</tt> - The time at which this cookie expires, as a Time object.
|
|
|
|
# * <tt>:secure</tt> - Whether this cookie is a only transmitted to HTTPS servers.
|
|
|
|
# Default is +false+.
|
2009-02-07 16:37:54 -05:00
|
|
|
# * <tt>:httponly</tt> - Whether this cookie is accessible via scripting or
|
2008-05-02 09:45:23 -04:00
|
|
|
# only HTTP. Defaults to +false+.
|
2004-11-25 21:04:35 -05:00
|
|
|
module Cookies
|
2009-10-26 21:01:09 -04:00
|
|
|
extend ActiveSupport::Concern
|
|
|
|
|
2009-12-20 21:05:26 -05:00
|
|
|
include RackDelegation
|
2009-10-26 21:01:09 -04:00
|
|
|
|
|
|
|
included do
|
|
|
|
helper_method :cookies
|
2007-10-31 12:46:56 -04:00
|
|
|
end
|
|
|
|
|
2009-10-26 21:01:09 -04:00
|
|
|
protected
|
|
|
|
# Returns the cookie container, which operates as described above.
|
|
|
|
def cookies
|
|
|
|
@cookies ||= CookieJar.build(request, response)
|
|
|
|
end
|
2004-11-25 21:04:35 -05:00
|
|
|
end
|
2006-08-20 01:28:47 -04:00
|
|
|
|
2004-11-26 09:52:59 -05:00
|
|
|
class CookieJar < Hash #:nodoc:
|
2009-10-26 21:01:09 -04:00
|
|
|
def self.build(request, response)
|
|
|
|
new.tap do |hash|
|
|
|
|
hash.update(request.cookies)
|
|
|
|
hash.response = response
|
|
|
|
end
|
2004-11-25 21:04:35 -05:00
|
|
|
end
|
|
|
|
|
2009-10-26 21:01:09 -04:00
|
|
|
attr_accessor :response
|
|
|
|
|
2008-05-02 09:45:23 -04:00
|
|
|
# Returns the value of the cookie by +name+, or +nil+ if no such cookie exists.
|
2004-11-25 21:04:35 -05:00
|
|
|
def [](name)
|
2008-12-20 22:25:09 -05:00
|
|
|
super(name.to_s)
|
2004-11-25 21:04:35 -05:00
|
|
|
end
|
2006-08-20 01:28:47 -04:00
|
|
|
|
2008-05-02 09:45:23 -04:00
|
|
|
# Sets the cookie named +name+. The second argument may be the very cookie
|
|
|
|
# value, or a hash of options as documented above.
|
2008-12-20 22:25:09 -05:00
|
|
|
def []=(key, options)
|
2004-11-25 21:04:35 -05:00
|
|
|
if options.is_a?(Hash)
|
2008-12-20 22:25:09 -05:00
|
|
|
options.symbolize_keys!
|
2009-10-26 21:01:09 -04:00
|
|
|
value = options[:value]
|
2004-11-25 21:04:35 -05:00
|
|
|
else
|
2009-10-26 21:01:09 -04:00
|
|
|
value = options
|
|
|
|
options = { :value => value }
|
2004-11-25 21:04:35 -05:00
|
|
|
end
|
2006-08-20 01:28:47 -04:00
|
|
|
|
2009-10-26 21:01:09 -04:00
|
|
|
super(key.to_s, value)
|
|
|
|
|
|
|
|
options[:path] ||= "/"
|
|
|
|
response.set_cookie(key, options)
|
2004-11-25 21:04:35 -05:00
|
|
|
end
|
2006-08-20 01:28:47 -04:00
|
|
|
|
2005-04-17 03:18:39 -04:00
|
|
|
# Removes the cookie on the client machine by setting the value to an empty string
|
2008-05-02 09:45:23 -04:00
|
|
|
# and setting its expiration date into the past. Like <tt>[]=</tt>, you can pass in
|
|
|
|
# an options hash to delete cookies with extra data such as a <tt>:path</tt>.
|
2008-12-20 22:25:09 -05:00
|
|
|
def delete(key, options = {})
|
|
|
|
options.symbolize_keys!
|
2009-10-26 21:01:09 -04:00
|
|
|
options[:path] ||= "/"
|
2009-10-14 00:26:53 -04:00
|
|
|
value = super(key.to_s)
|
2009-10-26 21:01:09 -04:00
|
|
|
response.delete_cookie(key, options)
|
2009-10-14 00:26:53 -04:00
|
|
|
value
|
2004-12-08 19:15:58 -05:00
|
|
|
end
|
2004-11-25 21:04:35 -05:00
|
|
|
end
|
2007-12-14 21:29:15 -05:00
|
|
|
end
|