github/rails
1
1
Fork 0
mirror of https://github.com/github/rails.git synced 2026-01-30 08:48:06 -05:00
Code Issues Packages Projects Releases Wiki Activity
5,570 Commits 34 Branches 105 Tags
ec4989618ec08d20024a05500bea088514fbdfd4
Commit Graph

47 Commits

Author SHA1 Message Date
David Heinemeier Hansson
ff9ca2ca1e Random hits from the style nazi 
git-svn-id: http://svn-commit.rubyonrails.org/rails/trunk@7438 5ecf4fe2-1ee6-0310-87b1-e25e094e27de
 2007-09-09 23:12:57 +00:00
Michael Koziarski
d0c83c4354 Fix failing active record store tests 
git-svn-id: http://svn-commit.rubyonrails.org/rails/trunk@7317 5ecf4fe2-1ee6-0310-87b1-e25e094e27de
 2007-08-14 10:06:07 +00:00
Jeremy Kemper
bbcfb9b625 Cookie session store: ensure that new sessions doesn't reuse data from a deleted session in the same request. 
git-svn-id: http://svn-commit.rubyonrails.org/rails/trunk@6424 5ecf4fe2-1ee6-0310-87b1-e25e094e27de
 2007-03-14 11:33:10 +00:00
Jeremy Kemper
5219aa9008 Cookie session store: raise ArgumentError when :session_key is blank. 
git-svn-id: http://svn-commit.rubyonrails.org/rails/trunk@6415 5ecf4fe2-1ee6-0310-87b1-e25e094e27de
 2007-03-13 20:44:16 +00:00
Rick Olson
2b7dbad8e0 Add a #dbman attr_reader for CGI::Session and make CGI::Session::CookieStore#generate_digest public so it's easy to generate digests 
using the cookie store's secret. [Rick]

git-svn-id: http://svn-commit.rubyonrails.org/rails/trunk@6342 5ecf4fe2-1ee6-0310-87b1-e25e094e27de
 2007-03-06 04:09:14 +00:00
Jeremy Kemper
f254831e83 Cookie store: use OpenSSL::HMAC instead of basic hash. Introduce :secret block and :digest option. 
git-svn-id: http://svn-commit.rubyonrails.org/rails/trunk@6296 5ecf4fe2-1ee6-0310-87b1-e25e094e27de
 2007-03-03 13:54:54 +00:00
Jeremy Kemper
a0563bf7b0 Cookie store: test that >4K raises CookieOverflow and that unverifiable cookies are automatically deleted. 
git-svn-id: http://svn-commit.rubyonrails.org/rails/trunk@6294 5ecf4fe2-1ee6-0310-87b1-e25e094e27de
 2007-03-03 08:18:30 +00:00
Jeremy Kemper
781985f7f2 Cookie session store: empty and unchanged sessions don't write a cookie. 
git-svn-id: http://svn-commit.rubyonrails.org/rails/trunk@6226 5ecf4fe2-1ee6-0310-87b1-e25e094e27de
 2007-02-25 16:35:24 +00:00
Jeremy Kemper
c8f7860d50 CGI escape the session cookie. 
git-svn-id: http://svn-commit.rubyonrails.org/rails/trunk@6200 5ecf4fe2-1ee6-0310-87b1-e25e094e27de
 2007-02-22 01:17:28 +00:00
Jeremy Kemper
f29857690f Introduce a cookie-based session store as the Rails default. Sessions typically contain at most a user_id and flash message; both fit within the 4K cookie size limit. A secure hash is included with the cookie to ensure data integrity (a user cannot alter his user_id without knowing the secret key included in the hash). If you have more than 4K of session data or don't want your data to be visible to the user, pick another session store. Cookie-based sessions are dramatically faster than the alternatives. 
git-svn-id: http://svn-commit.rubyonrails.org/rails/trunk@6184 5ecf4fe2-1ee6-0310-87b1-e25e094e27de
 2007-02-21 09:17:38 +00:00
Jeremy Kemper
65ca37b7b7 ARStore needs a data reader method. Closes #4795. 
git-svn-id: http://svn-commit.rubyonrails.org/rails/trunk@5531 5ecf4fe2-1ee6-0310-87b1-e25e094e27de
 2006-11-15 20:08:43 +00:00
Jeremy Kemper
56e3e2fde5 Always clear model associations from session. Closes #4795. 
git-svn-id: http://svn-commit.rubyonrails.org/rails/trunk@5512 5ecf4fe2-1ee6-0310-87b1-e25e094e27de
 2006-11-13 18:59:01 +00:00
Jamis Buck
519e7e5e12 Fix problem with unloaded ARStore sessions being loaded when they are garbage collected, causing problems if there were AR objects in the session. 
git-svn-id: http://svn-commit.rubyonrails.org/rails/trunk@3817 5ecf4fe2-1ee6-0310-87b1-e25e094e27de
 2006-03-08 16:53:34 +00:00
Jeremy Kemper
7654082260 Major components cleanup and speedup. Closes #3527. 
git-svn-id: http://svn-commit.rubyonrails.org/rails/trunk@3563 5ecf4fe2-1ee6-0310-87b1-e25e094e27de
 2006-02-09 20:05:11 +00:00
Nicholas Seckar
7a43a05a2b Further improvements to reloading code 
git-svn-id: http://svn-commit.rubyonrails.org/rails/trunk@3519 5ecf4fe2-1ee6-0310-87b1-e25e094e27de
 2006-02-02 04:54:07 +00:00
David Heinemeier Hansson
26761d6d32 If included_modules doesnt take a parameter, we shouldnt either 
git-svn-id: http://svn-commit.rubyonrails.org/rails/trunk@3509 5ecf4fe2-1ee6-0310-87b1-e25e094e27de
 2006-02-01 03:58:37 +00:00
Michael Koziarski
e398045774 Fix Syntax problems which were preventing webrick from starting 
git-svn-id: http://svn-commit.rubyonrails.org/rails/trunk@3508 5ecf4fe2-1ee6-0310-87b1-e25e094e27de
 2006-02-01 03:54:37 +00:00
David Heinemeier Hansson
aee8db1584 ActiveRecordStore::Session shouldnt be reloadable 
git-svn-id: http://svn-commit.rubyonrails.org/rails/trunk@3506 5ecf4fe2-1ee6-0310-87b1-e25e094e27de
 2006-02-01 03:08:43 +00:00
David Heinemeier Hansson
6236d518f2 Added the possibility to specify atomatic expiration for the memcachd session container (closes #3571) [Stefan Kaes] 
git-svn-id: http://svn-commit.rubyonrails.org/rails/trunk@3465 5ecf4fe2-1ee6-0310-87b1-e25e094e27de
 2006-01-22 22:21:26 +00:00
David Heinemeier Hansson
778d6704d4 Add session ID to default logging, but remove the verbose description of every step [DHH] 
git-svn-id: http://svn-commit.rubyonrails.org/rails/trunk@3334 5ecf4fe2-1ee6-0310-87b1-e25e094e27de
 2005-12-22 04:04:56 +00:00
Jeremy Kemper
63b792162b Make data writer private. Marshal/unmarshal handle nil. 
git-svn-id: http://svn-commit.rubyonrails.org/rails/trunk@3108 5ecf4fe2-1ee6-0310-87b1-e25e094e27de
 2005-11-20 08:15:51 +00:00
Jeremy Kemper
c7bc10b2e4 Log ActiveRecordStore debugging. 
git-svn-id: http://svn-commit.rubyonrails.org/rails/trunk@3107 5ecf4fe2-1ee6-0310-87b1-e25e094e27de
 2005-11-20 08:07:33 +00:00
Jeremy Kemper
cd8686b456 r3173@asus: jeremy | 2005-11-18 23:34:41 -0800 
Ticket 2731 - sessions
 r3185@asus:  jeremy | 2005-11-19 18:02:51 -0800
 eliminate const redefinition warning
 r3186@asus:  jeremy | 2005-11-19 19:25:50 -0800
 Use :database option instead of :dbfile
 r3187@asus:  jeremy | 2005-11-19 19:34:31 -0800
 Data writer assigns to instance var.  Since nothing is calling write_attribute on the data column except for marshal_data, simplify data reader to lazy-unmarshal the data column (no worrying whether it's already unmarshaled)
 r3188@asus:  jeremy | 2005-11-19 19:35:40 -0800
 Explicitly create the session class so that subsequent requests for the session can find it in the database.  This is masking a problem with the controller losing its @session instance var and therefore requesting a new session.
 r3189@asus:  jeremy | 2005-11-19 19:36:40 -0800
 Using create unnecessarily  broadens the existing duck-typing so use new + save instead.
 r3194@asus:  jeremy | 2005-11-19 20:28:17 -0800
 Test creation of another instance while first instance is still active.  Should return same session_id.
 r3195@asus:  jeremy | 2005-11-19 20:39:45 -0800
 Always create new AR sessions rather than trying too hard to avoid database traffic.  References #2731.


git-svn-id: http://svn-commit.rubyonrails.org/rails/trunk@3100 5ecf4fe2-1ee6-0310-87b1-e25e094e27de
 2005-11-20 04:41:59 +00:00
Jeremy Kemper
0abaf3a2d8 CGI::Session::ActiveRecordStore.data_column_name = 'foobar' to use a different session data column than the 'data' default. References #2731. Remove error-prone method_missing passthrough to session model. Cleanup. 
git-svn-id: http://svn-commit.rubyonrails.org/rails/trunk@2944 5ecf4fe2-1ee6-0310-87b1-e25e094e27de
 2005-11-09 01:03:24 +00:00
Nicholas Seckar
d6461bf9f5 Remove fingerprinting from AR session store; fix bug in store. Closes #2612 
git-svn-id: http://svn-commit.rubyonrails.org/rails/trunk@2754 5ecf4fe2-1ee6-0310-87b1-e25e094e27de
 2005-10-26 20:15:43 +00:00
Jeremy Kemper
22d9bad8a0 Expose the session model backing CGI::Session 
git-svn-id: http://svn-commit.rubyonrails.org/rails/trunk@2696 5ecf4fe2-1ee6-0310-87b1-e25e094e27de
 2005-10-20 21:59:48 +00:00
Marcel Molina
ff8fe662ef Use the more appropriate columns_hash to get the session data column size limit. 
git-svn-id: http://svn-commit.rubyonrails.org/rails/trunk@2663 5ecf4fe2-1ee6-0310-87b1-e25e094e27de
 2005-10-17 03:13:04 +00:00
Jamis Buck
bfbf6bba1f Allow ARStore::Session to indicate that it should not be reloaded in dev mode 
git-svn-id: http://svn-commit.rubyonrails.org/rails/trunk@2627 5ecf4fe2-1ee6-0310-87b1-e25e094e27de
 2005-10-15 20:49:04 +00:00
Marcel Molina
48fd667bda Raise an exception if an attempt is made to insert more session data into the ActiveRecordStore data column than the column can hold. Closes #2234. 
git-svn-id: http://svn-commit.rubyonrails.org/rails/trunk@2612 5ecf4fe2-1ee6-0310-87b1-e25e094e27de
 2005-10-15 14:39:29 +00:00
David Heinemeier Hansson
8a35865b74 Added small note about how longtext might be needed for large session data 
git-svn-id: http://svn-commit.rubyonrails.org/rails/trunk@2275 5ecf4fe2-1ee6-0310-87b1-e25e094e27de
 2005-09-20 10:54:11 +00:00
David Heinemeier Hansson
c259ed9e02 Use session_id instead of deprecated sessid 
git-svn-id: http://svn-commit.rubyonrails.org/rails/trunk@2221 5ecf4fe2-1ee6-0310-87b1-e25e094e27de
 2005-09-12 17:35:17 +00:00
Jeremy Kemper
37f90e0f6b r2932@asus: jeremy | 2005-07-08 14:21:36 -0700 
Silence find_by_session_id also.


git-svn-id: http://svn-commit.rubyonrails.org/rails/trunk@1771 5ecf4fe2-1ee6-0310-87b1-e25e094e27de
 2005-07-08 16:36:26 +00:00
Jeremy Kemper
870cca6829 r2866@asus: jeremy | 2005-07-05 13:23:10 -0700 
Silence ARStore session activity in the logs.


git-svn-id: http://svn-commit.rubyonrails.org/rails/trunk@1711 5ecf4fe2-1ee6-0310-87b1-e25e094e27de
 2005-07-05 15:04:44 +00:00
Jeremy Kemper
1e6603e6e7 r2850@asus: jeremy | 2005-07-05 13:08:32 -0700 
Don't be strict about the order in which AR store methods are called.  Allow e.g. session close followed by session close.


git-svn-id: http://svn-commit.rubyonrails.org/rails/trunk@1710 5ecf4fe2-1ee6-0310-87b1-e25e094e27de
 2005-07-05 14:50:07 +00:00
Jeremy Kemper
d80d9a52bd r2837@asus: jeremy | 2005-07-05 00:34:31 -0700 
Don't restrict sessid compat. check to a single run.  Reset cached column info before checking in case it's stale (may happen if you change table_name).  Make the test a private class method.


git-svn-id: http://svn-commit.rubyonrails.org/rails/trunk@1693 5ecf4fe2-1ee6-0310-87b1-e25e094e27de
 2005-07-05 02:29:42 +00:00
Jeremy Kemper
9ad1f49985 r2810@asus: jeremy | 2005-07-04 19:29:54 -0700 
correct marshaling and fingerprinting logic


git-svn-id: http://svn-commit.rubyonrails.org/rails/trunk@1682 5ecf4fe2-1ee6-0310-87b1-e25e094e27de
 2005-07-04 21:26:54 +00:00
Jeremy Kemper
fd901df35d r2807@asus: jeremy | 2005-07-04 18:15:18 -0700 
Fingerprint the marshaled data.


git-svn-id: http://svn-commit.rubyonrails.org/rails/trunk@1679 5ecf4fe2-1ee6-0310-87b1-e25e094e27de
 2005-07-04 21:26:41 +00:00
Jeremy Kemper
452442dde8 r2790@asus: jeremy | 2005-07-04 16:30:58 -0700 
smart active record session class.  session class is pluggable; a basic SqlBypass class is provided.  set CGI::Session::ActiveRecordStore.session_class = SqlBypass and set SqlBypass.connection = SomeARConnection.  Further tests pending.


git-svn-id: http://svn-commit.rubyonrails.org/rails/trunk@1671 5ecf4fe2-1ee6-0310-87b1-e25e094e27de
 2005-07-04 18:30:27 +00:00
David Heinemeier Hansson
19e8b42a56 Changed ActiveRecordStore to use Marshal instead of YAML as the latter proved troublesome in persisting circular dependencies. Updating existing applications MUST clear their existing session table from data to start using this updated store #739 [Jamis Buck] 
git-svn-id: http://svn-commit.rubyonrails.org/rails/trunk@866 5ecf4fe2-1ee6-0310-87b1-e25e094e27de
 2005-03-06 23:34:03 +00:00
David Heinemeier Hansson
c00bf5f0c6 Fixed the verbosity of using the AR store 
git-svn-id: http://svn-commit.rubyonrails.org/rails/trunk@639 5ecf4fe2-1ee6-0310-87b1-e25e094e27de
 2005-02-17 01:23:41 +00:00
David Heinemeier Hansson
02d0558738 Make the store less verbose when saving the session data 
git-svn-id: http://svn-commit.rubyonrails.org/rails/trunk@529 5ecf4fe2-1ee6-0310-87b1-e25e094e27de
 2005-02-07 19:12:11 +00:00
David Heinemeier Hansson
098fa94356 Fixed documentation snafus #575, #576, #577, #585 
git-svn-id: http://svn-commit.rubyonrails.org/rails/trunk@525 5ecf4fe2-1ee6-0310-87b1-e25e094e27de
 2005-02-07 14:15:53 +00:00
David Heinemeier Hansson
838c5a3d82 Minor refactoring to prettify 
git-svn-id: http://svn-commit.rubyonrails.org/rails/trunk@517 5ecf4fe2-1ee6-0310-87b1-e25e094e27de
 2005-02-06 18:29:11 +00:00
David Heinemeier Hansson
0d1e3846d6 Fixed that MemCacheStore wasn't included by default and added default MemCache object pointing to localhost #447 [Lucas Carlson] 
git-svn-id: http://svn-commit.rubyonrails.org/rails/trunk@384 5ecf4fe2-1ee6-0310-87b1-e25e094e27de
 2005-01-11 00:29:55 +00:00
David Heinemeier Hansson
3e74ea89bc Added MemCacheStore for storing session data in Danga's MemCache system [Bob Cottrell] 
git-svn-id: http://svn-commit.rubyonrails.org/rails/trunk@330 5ecf4fe2-1ee6-0310-87b1-e25e094e27de
 2005-01-04 02:09:38 +00:00
David Heinemeier Hansson
ddcc67115c Added thread-safety to the DRbStore #66, #389 [Ben Stiglitz] 
git-svn-id: http://svn-commit.rubyonrails.org/rails/trunk@315 5ecf4fe2-1ee6-0310-87b1-e25e094e27de
 2005-01-02 16:00:50 +00:00
David Heinemeier Hansson
db045dbbf6 Initial 
git-svn-id: http://svn-commit.rubyonrails.org/rails/trunk@4 5ecf4fe2-1ee6-0310-87b1-e25e094e27de
 2004-11-24 01:04:44 +00:00