From 55acbcb560cc7c635420060bc22bdb2c221a3b8d Mon Sep 17 00:00:00 2001
From: Jean-Philippe Lang
Date: Sun, 23 Jan 2011 11:20:46 +0000
Subject: [PATCH] Makes the autologin cookie configurable (#1763).
The cookie attributes (name, path, secure) can now be set in config/configuration.yml.
git-svn-id: svn+ssh://rubyforge.org/var/svn/redmine/trunk@4756 e93f8b46-1217-0410-a6f0-8f06a7374b81
---
 app/controllers/account_controller.rb | 15 +++++++++++++--
 config/configuration.yml.example | 8 ++++++++
 2 files changed, 21 insertions(+), 2 deletions(-)
diff --git a/app/controllers/account_controller.rb b/app/controllers/account_controller.rb
index 5fa56b167..52b15a171 100644
--- a/app/controllers/account_controller.rb
+++ b/app/controllers/account_controller.rb
@@ -203,12 +203,23 @@ class AccountController < ApplicationController
 self.logged_user = user
 # generate a key and set cookie if autologin
 if params[:autologin] && Setting.autologin?
- token = Token.create(:user => user, :action => 'autologin')
- cookies[:autologin] = { :value => token.value, :expires => 1.year.from_now }
+ set_autologin_cookie(user)
 end
 call_hook(:controller_account_success_authentication_after, {:user => user })
 redirect_back_or_default :controller => 'my', :action => 'page'
 end
+
+ def set_autologin_cookie(user)
+ token = Token.create(:user => user, :action => 'autologin')
+ cookie_name = Redmine::Configuration['autologin_cookie_name'] || 'autologin'
+ cookie_options = {
+ :value => token.value,
+ :expires => 1.year.from_now,
+ :path => (Redmine::Configuration['autologin_cookie_path'] || '/'),
+ :secure => (Redmine::Configuration['autologin_cookie_secure'] ? true : false)
+ }
+ cookies[cookie_name] = cookie_options
+ end
 # Onthefly creation failed, display the registration form to fill/fix attributes
 def onthefly_creation_failed(user, auth_source_options = { })
diff --git a/config/configuration.yml.example b/config/configuration.yml.example
index 673c25ae7..5756907dc 100644
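Review bot: The options hash built in `set_autologin_cookie` never sets `:httponly`, so the year-long autologin token remains readable by page script; adding `:httponly => true` next to `:secure` would close that. `:secure` also falls back to false whenever `autologin_cookie_secure` is left unset, so an HTTPS install still sends the token over plain HTTP unless the admin opts in; defaulting to `request.ssl?` when the setting is nil would be safer. The diffstat lists only this controller and the example config, so the code that reads or deletes the cookie presumably still uses the fixed `:autologin` name and the default path. That code is outside this patch and should be checked against a custom name and path, otherwise a renamed cookie may never be honoured or cleared on logout.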
--- a/config/configuration.yml.example
+++ b/config/configuration.yml.example
@@ -99,6 +99,14 @@ default:
 # attachments_storage_path: D:/redmine/files
 attachments_storage_path:
+ # Configuration of the autologin cookie.
+ # autologin_cookie_name: the name of the cookie (default: autologin)
+ # autologin_cookie_path: the cookie path (default: /)
+ # autologin_cookie_secure: true sets the cookie secure flag (default: false)
+ autologin_cookie_name:
+ autologin_cookie_path:
+ autologin_cookie_secure:
+
 # specific configuration options for production environment
 # that overrides the default ones
 production: