Makes the autologin cookie configurable (#1763).
The cookie attributes (name, path, secure) can now be set in config/configuration.yml. git-svn-id: svn+ssh://rubyforge.org/var/svn/redmine/trunk@4756 e93f8b46-1217-0410-a6f0-8f06a7374b81
This commit is contained in:
parent
7dd464c577
commit
55acbcb560
|
@ -203,13 +203,24 @@ class AccountController < ApplicationController
|
|||
self.logged_user = user
|
||||
# generate a key and set cookie if autologin
|
||||
if params[:autologin] && Setting.autologin?
|
||||
token = Token.create(:user => user, :action => 'autologin')
|
||||
cookies[:autologin] = { :value => token.value, :expires => 1.year.from_now }
|
||||
set_autologin_cookie(user)
|
||||
end
|
||||
call_hook(:controller_account_success_authentication_after, {:user => user })
|
||||
redirect_back_or_default :controller => 'my', :action => 'page'
|
||||
end
|
||||
|
||||
def set_autologin_cookie(user)
|
||||
token = Token.create(:user => user, :action => 'autologin')
|
||||
cookie_name = Redmine::Configuration['autologin_cookie_name'] || 'autologin'
|
||||
cookie_options = {
|
||||
:value => token.value,
|
||||
:expires => 1.year.from_now,
|
||||
:path => (Redmine::Configuration['autologin_cookie_path'] || '/'),
|
||||
:secure => (Redmine::Configuration['autologin_cookie_secure'] ? true : false)
|
||||
}
|
||||
cookies[cookie_name] = cookie_options
|
||||
end
|
||||
|
||||
# Onthefly creation failed, display the registration form to fill/fix attributes
|
||||
def onthefly_creation_failed(user, auth_source_options = { })
|
||||
@user = user
|
||||
|
|
|
@ -99,6 +99,14 @@ default:
|
|||
# attachments_storage_path: D:/redmine/files
|
||||
attachments_storage_path:
|
||||
|
||||
# Configuration of the autologin cookie.
|
||||
# autologin_cookie_name: the name of the cookie (default: autologin)
|
||||
# autologin_cookie_path: the cookie path (default: /)
|
||||
# autologin_cookie_secure: true sets the cookie secure flag (default: false)
|
||||
autologin_cookie_name:
|
||||
autologin_cookie_path:
|
||||
autologin_cookie_secure:
|
||||
|
||||
# specific configuration options for production environment
|
||||
# that overrides the default ones
|
||||
production:
|
||||
|
|
Loading…
Reference in New Issue