Merge remote branch 'thegcat/273-autologin_cookie_name'

app/controllers/account_controller.rb

@@ -129,7 +129,7 @@ class AccountController < ApplicationController
   
   def logout_user
     if User.current.logged?
-      cookies.delete :autologin
+      cookies.delete Redmine::Configuration['autologin_cookie_name']
       Token.delete_all(["user_id = ? AND action = ?", User.current.id, 'autologin'])
       self.logged_user = nil
     end
@@ -211,15 +211,14 @@ class AccountController < ApplicationController
   
   def set_autologin_cookie(user)
     token = Token.create(:user => user, :action => 'autologin')
-    cookie_name = Redmine::Configuration['autologin_cookie_name'] || 'autologin'
     cookie_options = {
       :value => token.value,
       :expires => 1.year.from_now,
-      :path => (Redmine::Configuration['autologin_cookie_path'] || '/'),
+      :path => Redmine::Configuration['autologin_cookie_path'],
-      :secure => (Redmine::Configuration['autologin_cookie_secure'] ? true : false),
+      :secure => Redmine::Configuration['autologin_cookie_secure'],
       :httponly => true
     }
-    cookies[cookie_name] = cookie_options
+    cookies[Redmine::Configuration['autologin_cookie_name']] = cookie_options
   end
 
   # Onthefly creation failed, display the registration form to fill/fix attributes

app/controllers/application_controller.rb

@@ -63,9 +63,9 @@ class ApplicationController < ActionController::Base
     if session[:user_id]
       # existing session
       (User.active.find(session[:user_id]) rescue nil)
-    elsif cookies[:autologin] && Setting.autologin?
+    elsif cookies[Redmine::Configuration['autologin_cookie_name']] && Setting.autologin?
       # auto-login feature starts a new session
-      user = User.try_to_autologin(cookies[:autologin])
+      user = User.try_to_autologin(cookies[Redmine::Configuration['autologin_cookie_name']])
       session[:user_id] = user.id if user
       user
     elsif params[:format] == 'atom' && params[:key] && accept_key_auth_actions.include?(params[:action])

lib/redmine/configuration.rb

@@ -20,7 +20,11 @@ module Redmine
     
     # Configuration default values
     @defaults = {
-      'email_delivery' => nil
+      'email_delivery' => nil,
+      # Autologin cookie defaults:
+      'autologin_cookie_name'   => 'autologin',
+      'autologin_cookie_path'   => '/',
+      'autologin_cookie_secure' => false,
     }
     
     @config = nil

test/integration/account_test.rb

@@ -50,7 +50,7 @@ class AccountTest < ActionController::IntegrationTest
     assert_equal user, token.user
     assert_equal 'autologin', token.action
     assert_equal user.id, session[:user_id]
-    assert_equal token.value, cookies['autologin']
+    assert_equal token.value, cookies[Redmine::Configuration['autologin_cookie_name']]
     
     # Session is cleared
     reset!
@@ -60,7 +60,7 @@ class AccountTest < ActionController::IntegrationTest
     assert_nil user.reload.last_login_on
     
     # User comes back with his autologin cookie
-    cookies[:autologin] = token.value
+    cookies[Redmine::Configuration['autologin_cookie_name']] = token.value
     get '/my/page'
     assert_response :success
     assert_template 'my/page'