Merge remote branch 'thegcat/273-autologin_cookie_name'

2011-03-24 13:06:13 -07:00 · 2011-03-24 13:06:13 -07:00 · f1878f4a79
parent 9fe45cfe1f 10dffcf3b9
commit f1878f4a79
4 changed files with 13 additions and 10 deletions
--- a/app/controllers/account_controller.rb
+++ b/app/controllers/account_controller.rb
@ -129,7 +129,7 @@ class AccountController < ApplicationController
  
  def logout_user
    if User.current.logged?
-      cookies.delete :autologin
+      cookies.delete Redmine::Configuration['autologin_cookie_name']
      Token.delete_all(["user_id = ? AND action = ?", User.current.id, 'autologin'])
      self.logged_user = nil
    end
@ -211,15 +211,14 @@ class AccountController < ApplicationController
  
  def set_autologin_cookie(user)
    token = Token.create(:user => user, :action => 'autologin')
-    cookie_name = Redmine::Configuration['autologin_cookie_name'] || 'autologin'
    cookie_options = {
      :value => token.value,
      :expires => 1.year.from_now,
-      :path => (Redmine::Configuration['autologin_cookie_path'] || '/'),
-      :secure => (Redmine::Configuration['autologin_cookie_secure'] ? true : false),
+      :path => Redmine::Configuration['autologin_cookie_path'],
+      :secure => Redmine::Configuration['autologin_cookie_secure'],
      :httponly => true
    }
-    cookies[cookie_name] = cookie_options
+    cookies[Redmine::Configuration['autologin_cookie_name']] = cookie_options
  end

  # Onthefly creation failed, display the registration form to fill/fix attributes
--- a/app/controllers/application_controller.rb
+++ b/app/controllers/application_controller.rb
@ -63,9 +63,9 @@ class ApplicationController < ActionController::Base
    if session[:user_id]
      # existing session
      (User.active.find(session[:user_id]) rescue nil)
-    elsif cookies[:autologin] && Setting.autologin?
+    elsif cookies[Redmine::Configuration['autologin_cookie_name']] && Setting.autologin?
      # auto-login feature starts a new session
-      user = User.try_to_autologin(cookies[:autologin])
+      user = User.try_to_autologin(cookies[Redmine::Configuration['autologin_cookie_name']])
      session[:user_id] = user.id if user
      user
    elsif params[:format] == 'atom' && params[:key] && accept_key_auth_actions.include?(params[:action])
--- a/lib/redmine/configuration.rb
+++ b/lib/redmine/configuration.rb
@ -20,7 +20,11 @@ module Redmine
    
    # Configuration default values
    @defaults = {
-      'email_delivery' => nil
+      'email_delivery' => nil,
+      # Autologin cookie defaults:
+      'autologin_cookie_name'   => 'autologin',
+      'autologin_cookie_path'   => '/',
+      'autologin_cookie_secure' => false,
    }
    
    @config = nil
--- a/test/integration/account_test.rb
+++ b/test/integration/account_test.rb
@ -50,7 +50,7 @@ class AccountTest < ActionController::IntegrationTest
    assert_equal user, token.user
    assert_equal 'autologin', token.action
    assert_equal user.id, session[:user_id]
-    assert_equal token.value, cookies['autologin']
+    assert_equal token.value, cookies[Redmine::Configuration['autologin_cookie_name']]
    
    # Session is cleared
    reset!
@ -60,7 +60,7 @@ class AccountTest < ActionController::IntegrationTest
    assert_nil user.reload.last_login_on
    
    # User comes back with his autologin cookie
-    cookies[:autologin] = token.value
+    cookies[Redmine::Configuration['autologin_cookie_name']] = token.value
    get '/my/page'
    assert_response :success
    assert_template 'my/page'