From 10dffcf3b907cda83d2c1a4a060c174c1a2d4c77 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Felix=20Sch=C3=A4fer?=
Date: Sun, 20 Mar 2011 10:18:17 +0100
Subject: [PATCH] Get the autologin cookie name from the config #273
---
 app/controllers/account_controller.rb | 9 ++++-----
 app/controllers/application_controller.rb | 4 ++--
 lib/redmine/configuration.rb | 6 +++++-
 test/integration/account_test.rb | 4 ++--
 4 files changed, 13 insertions(+), 10 deletions(-)
diff --git a/app/controllers/account_controller.rb b/app/controllers/account_controller.rb
index 0c645e55..5d6f890f 100644
--- a/app/controllers/account_controller.rb
+++ b/app/controllers/account_controller.rb
@@ -129,7 +129,7 @@ class AccountController < ApplicationController
 def logout_user
 if User.current.logged?
- cookies.delete :autologin
+ cookies.delete Redmine::Configuration['autologin_cookie_name']
 Token.delete_all(["user_id = ? AND action = ?", User.current.id, 'autologin'])
 self.logged_user = nil
 end
@@ -211,15 +211,14 @@ class AccountController < ApplicationController
 def set_autologin_cookie(user)
 token = Token.create(:user => user, :action => 'autologin')
- cookie_name = Redmine::Configuration['autologin_cookie_name'] || 'autologin'
 cookie_options = {
 :value => token.value,
 :expires => 1.year.from_now,
- :path => (Redmine::Configuration['autologin_cookie_path'] || '/'),
- :secure => (Redmine::Configuration['autologin_cookie_secure'] ? true : false),
+ :path => Redmine::Configuration['autologin_cookie_path'],
+ :secure => Redmine::Configuration['autologin_cookie_secure'],
 :httponly => true
 }
- cookies[cookie_name] = cookie_options
+ cookies[Redmine::Configuration['autologin_cookie_name']] = cookie_options
 end
 # Onthefly creation failed, display the registration form to fill/fix attributes
diff --git a/app/controllers/application_controller.rb b/app/controllers/application_controller.rb
index 277b9621..c8d32aa1 100644
--- a/app/controllers/application_controller.rb
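Review bot: In logout_user the cookie is now deleted by its configured name but still without the configured path, while set_autologin_cookie (second hunk of this file) writes it with `:path => Redmine::Configuration['autologin_cookie_path']`. With a non-default path the expiry header probably does not match the cookie the browser holds, so the cookie would survive logout; the `Token.delete_all` on the following line still invalidates the token server-side, which limits the impact to a stale cookie. Passing the same path closes the gap: `cookies.delete Redmine::Configuration['autologin_cookie_name'], :path => Redmine::Configuration['autologin_cookie_path']`. The closing `end` of logout_user lies outside the hunk.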
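Review bot: Nothing in set_autologin_cookie guards against a blank `autologin_cookie_name` any more: with the `|| 'autologin'` and `|| '/'` fallbacks gone, name and path rely entirely on the `@defaults` added in lib/redmine/configuration.rb. Whether an empty entry in the configuration file can override those defaults is not visible in this patch; if it can, `cookies[nil] = cookie_options` is reached here, and the same unguarded lookup is used in logout_user and in the ApplicationController hunk. One private helper in ApplicationController, `def autologin_cookie_name; Redmine::Configuration['autologin_cookie_name'] || 'autologin'; end`, would keep the set, read and delete sides on one name and replace the four repeated lookups.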
+++ b/app/controllers/application_controller.rb
@@ -63,9 +63,9 @@ class ApplicationController < ActionController::Base
 if session[:user_id]
 # existing session
 (User.active.find(session[:user_id]) rescue nil)
- elsif cookies[:autologin] && Setting.autologin?
+ elsif cookies[Redmine::Configuration['autologin_cookie_name']] && Setting.autologin?
 # auto-login feature starts a new session
- user = User.try_to_autologin(cookies[:autologin])
+ user = User.try_to_autologin(cookies[Redmine::Configuration['autologin_cookie_name']])
 session[:user_id] = user.id if user
 user
 elsif params[:format] == 'atom' && params[:key] && accept_key_auth_actions.include?(params[:action])
diff --git a/lib/redmine/configuration.rb b/lib/redmine/configuration.rb
index 1d2443a9..d4832272 100644
--- a/lib/redmine/configuration.rb
+++ b/lib/redmine/configuration.rb
@@ -20,7 +20,11 @@ module Redmine
 # Configuration default values
 @defaults = {
- 'email_delivery' => nil
+ 'email_delivery' => nil,
+ # Autologin cookie defaults:
+ 'autologin_cookie_name' => 'autologin',
+ 'autologin_cookie_path' => '/',
+ 'autologin_cookie_secure' => false,
 }
 @config = nil
diff --git a/test/integration/account_test.rb b/test/integration/account_test.rb
index 4943f862..178852f6 100644
--- a/test/integration/account_test.rb
+++ b/test/integration/account_test.rb
@@ -50,7 +50,7 @@ class AccountTest < ActionController::IntegrationTest
 assert_equal user, token.user
 assert_equal 'autologin', token.action
 assert_equal user.id, session[:user_id]
- assert_equal token.value, cookies['autologin']
+ assert_equal token.value, cookies[Redmine::Configuration['autologin_cookie_name']]
 # Session is cleared
 reset!
@@ -60,7 +60,7 @@ class AccountTest < ActionController::IntegrationTest
 assert_nil user.reload.last_login_on
 # User comes back with his autologin cookie
- cookies[:autologin] = token.value
+ cookies[Redmine::Configuration['autologin_cookie_name']] = token.value
 get '/my/page'
 assert_response :success
 assert_template 'my/page'
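Review bot: The `'autologin_cookie_secure' => false` default in the lib/redmine/configuration.rb hunk deserves a comment, because the cookie it governs carries the autologin token that set_autologin_cookie issues with `:expires => 1.year.from_now`. With this default the token is also sent over plain HTTP wherever the site is reachable that way. Suggested comment above the entry: `# Set to true when the application is served over HTTPS only; the cookie holds a long-lived login token.` The `@defaults` hash is fully visible in the hunk; the enclosing module is not.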
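Review bot: Both changed lines in test/integration/account_test.rb (the hunk at line 50 and the one at line 60) compute the cookie name with the same `Redmine::Configuration['autologin_cookie_name']` call the controllers use, so they pass for whatever value that lookup returns. Nothing pins the default to `'autologin'` any more, and no test exercises a non-default name. Keeping one literal check under the default configuration, `assert_equal token.value, cookies['autologin']`, and adding one run with the setting overridden would cover both. The test method starts and ends outside both hunks.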