Makes the autologin cookie configurable (#1763).

The cookie attributes (name, path, secure) can now be set in config/configuration.yml.

git-svn-id: svn+ssh://rubyforge.org/var/svn/redmine/trunk@4756 e93f8b46-1217-0410-a6f0-8f06a7374b81
This commit is contained in:
Jean-Philippe Lang 2011-01-23 11:20:46 +00:00
parent 7dd464c577
commit 55acbcb560
2 changed files with 21 additions and 2 deletions

View File

@ -203,13 +203,24 @@ class AccountController < ApplicationController
self.logged_user = user
# generate a key and set cookie if autologin
if params[:autologin] && Setting.autologin?
token = Token.create(:user => user, :action => 'autologin')
cookies[:autologin] = { :value => token.value, :expires => 1.year.from_now }
set_autologin_cookie(user)
end
call_hook(:controller_account_success_authentication_after, {:user => user })
redirect_back_or_default :controller => 'my', :action => 'page'
end
def set_autologin_cookie(user)
token = Token.create(:user => user, :action => 'autologin')
cookie_name = Redmine::Configuration['autologin_cookie_name'] || 'autologin'
cookie_options = {
:value => token.value,
:expires => 1.year.from_now,
:path => (Redmine::Configuration['autologin_cookie_path'] || '/'),
:secure => (Redmine::Configuration['autologin_cookie_secure'] ? true : false)
}
cookies[cookie_name] = cookie_options
end
# Onthefly creation failed, display the registration form to fill/fix attributes
def onthefly_creation_failed(user, auth_source_options = { })
@user = user

View File

@ -99,6 +99,14 @@ default:
# attachments_storage_path: D:/redmine/files
attachments_storage_path:
# Configuration of the autologin cookie.
# autologin_cookie_name: the name of the cookie (default: autologin)
# autologin_cookie_path: the cookie path (default: /)
# autologin_cookie_secure: true sets the cookie secure flag (default: false)
autologin_cookie_name:
autologin_cookie_path:
autologin_cookie_secure:
# specific configuration options for production environment
# that overrides the default ones
production: