localhots/oldhaven
1
0
Fork 0
Code Releases Activity

Session fix

Browse Source
This commit is contained in:
magnolia-fan 2011-10-06 01:54:35 +04:00
parent 7daea8832d
commit cf0491465b
2 changed files with 7 additions and 6 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

11
app/controllers/application_controller.rb
View File

@ -32,11 +32,12 @@ class ApplicationController < ActionController::Base
end end
def session_key def session_key
unless request.cookies['_beathaven_session'].nil? if cookies[:beathaven_sid].nil?
rails_key = request.cookies['_beathaven_session'][0..31] cookies[:beathaven_sid] = {
else :value => Digest::SHA1.hexdigest(Beathaven::Application.config.secret_token+Time.now.to_f.to_s+Random.rand().to_s),
rails_key = Digest::SHA512.hexdigest(Beathaven::Application.config.secret_token+Time.now.to_f.to_s+Random.rand().to_s) :expire => 42.years.from_now.utc
}
end end
Digest::SHA512.hexdigest(rails_key) cookies[:beathaven_sid]
end end
end end

2
config/initializers/session_store.rb
View File

@ -1,6 +1,6 @@
# Be sure to restart your server when you modify this file. # Be sure to restart your server when you modify this file.
Beathaven::Application.config.session_store :cookie_store, key: '_beathaven_session' Beathaven::Application.config.session_store :cookie_store, key: 'beathaven_sid_v'
# Use the database for sessions instead of the cookie-based default, # Use the database for sessions instead of the cookie-based default,
# which shouldn't be used to store highly confidential information # which shouldn't be used to store highly confidential information