Specify how sessions ought to be managed for a subset of the actions on the
controller. Like filters, you can specify :only and
:except clauses to restrict the subset, otherwise options
apply to all actions on this controller.
The session options are inheritable, as well, so if you specify them in a parent controller, they apply to controllers that extend the parent.
Usage:
# turn off session management for all actions. session :off # turn off session management for all actions _except_ foo and bar. session :off, :except => %w(foo bar) # turn off session management for only the foo and bar actions. session :off, :only => %w(foo bar) # the session will only work over HTTPS, but only for the foo action session :only => :foo, :session_secure => true # the session will only be disabled for 'foo', and only if it is # requested as a web service session :off, :only => :foo, :if => Proc.new { |req| req.parameters[:ws] }
All session options described for ActionController::Base.process_cgi are valid arguments.
Source: show
# File rails/actionpack/lib/action_controller/session_management.rb, line 66 def session(*args) options = Hash === args.last ? args.pop : {} options[:disabled] = true if !args.empty? options[:only] = [*options[:only]].map { |o| o.to_s } if options[:only] options[:except] = [*options[:except]].map { |o| o.to_s } if options[:except] if options[:only] && options[:except] raise ArgumentError, "only one of either :only or :except are allowed" end write_inheritable_array("session_options", [options]) end
Returns the hash used to configure the session. Example use:
ActionController::Base.session_options[:session_secure] = true # session only available over HTTPS
Source: show
# File rails/actionpack/lib/action_controller/session_management.rb, line 33 def session_options ActionController::CgiRequest::DEFAULT_SESSION_OPTIONS end
Returns the session store class currently used.
Source: show
# File rails/actionpack/lib/action_controller/session_management.rb, line 26 def session_store ActionController::CgiRequest::DEFAULT_SESSION_OPTIONS[:database_manager] end
Set the session store to be used for keeping the session data between requests. The default is using the file system, but you can also specify one of the other included stores (:active_record_store, :drb_store, :mem_cache_store, or :memory_store) or use your own class.
Source: show
# File rails/actionpack/lib/action_controller/session_management.rb, line 20 def session_store=(store) ActionController::CgiRequest::DEFAULT_SESSION_OPTIONS[:database_manager] = store.is_a?(Symbol) ? CGI::Session.const_get(store == :drb_store ? "DRbStore" : store.to_s.camelize) : store end