
Session fix

magnolia-fan 2011-10-06 01:54:35 +04:00
parent 7daea8832d
commit cf0491465b
2 changed files with 7 additions and 6 deletions


@ -32,11 +32,12 @@ class ApplicationController < ActionController::Base
end
def session_key
unless request.cookies['_beathaven_session'].nil?
rails_key = request.cookies['_beathaven_session'][0..31]
else
rails_key = Digest::SHA512.hexdigest(Beathaven::Application.config.secret_token+Time.now.to_f.to_s+Random.rand().to_s)
if cookies[:beathaven_sid].nil?
cookies[:beathaven_sid] = {
:value => Digest::SHA1.hexdigest(Beathaven::Application.config.secret_token+Time.now.to_f.to_s+Random.rand().to_s),
:expire => 42.years.from_now.utc
}
end
Digest::SHA512.hexdigest(rails_key)
cookies[:beathaven_sid]
end
end
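Review bot: The cookie hash in `session_key` uses `:expire`, which is not an option the Rails cookie jar recognises (the key is `:expires`), so the 42-year lifetime is most likely ignored and `beathaven_sid` ends up as a browser-session cookie; the line should read `:expires => 42.years.from_now.utc`. The value is built by hashing `secret_token` with the clock and `Random.rand`, which is not a cryptographically secure generator, and it folds the application secret into a client-visible SHA1 digest; `:value => SecureRandom.hex(32)` gives an unpredictable identifier without touching the secret. Since the cookie is used as the session key, `:httponly => true` belongs in the same hash so page scripts cannot read it. The +/- markers are lost on this page, so which lines form the new side is inferred, and the enclosing class starts outside the hunk.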


@ -1,6 +1,6 @@
# Be sure to restart your server when you modify this file.
Beathaven::Application.config.session_store :cookie_store, key: '_beathaven_session'
Beathaven::Application.config.session_store :cookie_store, key: 'beathaven_sid_v'
# Use the database for sessions instead of the cookie-based default,
# which shouldn't be used to store highly confidential information