Merge remote branch 'thegcat/273-autologin_cookie_name'

Eric Davis 2011-03-24 13:06:13 -07:00
commit f1878f4a79
4 changed files with 13 additions and 10 deletions


@ -129,7 +129,7 @@ class AccountController < ApplicationController
def logout_user def logout_user
if User.current.logged? if User.current.logged?
cookies.delete :autologin cookies.delete Redmine::Configuration['autologin_cookie_name']
Token.delete_all(["user_id = ? AND action = ?", User.current.id, 'autologin']) Token.delete_all(["user_id = ? AND action = ?", User.current.id, 'autologin'])
self.logged_user = nil self.logged_user = nil
end end
@ -211,15 +211,14 @@ class AccountController < ApplicationController
def set_autologin_cookie(user) def set_autologin_cookie(user)
token = Token.create(:user => user, :action => 'autologin') token = Token.create(:user => user, :action => 'autologin')
cookie_name = Redmine::Configuration['autologin_cookie_name'] || 'autologin'
cookie_options = { cookie_options = {
:value => token.value, :value => token.value,
:expires => 1.year.from_now, :expires => 1.year.from_now,
:path => (Redmine::Configuration['autologin_cookie_path'] || '/'), :path => Redmine::Configuration['autologin_cookie_path'],
:secure => (Redmine::Configuration['autologin_cookie_secure'] ? true : false), :secure => Redmine::Configuration['autologin_cookie_secure'],
:httponly => true :httponly => true
} }
cookies[cookie_name] = cookie_options cookies[Redmine::Configuration['autologin_cookie_name']] = cookie_options
end end
# Onthefly creation failed, display the registration form to fill/fix attributes # Onthefly creation failed, display the registration form to fill/fix attributes
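Review bot: The logout deletion in the first hunk, `cookies.delete Redmine::Configuration['autologin_cookie_name']`, passes no `:path`, while `set_autologin_cookie` in the second hunk writes the cookie with the configured `autologin_cookie_path`. With a path other than `/`, the expiring cookie sent at logout will probably not match the stored one, so the browser keeps the autologin cookie; the token row is deleted on the server, which limits the effect to a stale cookie. Passing the same path closes the gap: `cookies.delete(Redmine::Configuration['autologin_cookie_name'], :path => Redmine::Configuration['autologin_cookie_path'])`. `logout_user` continues outside the hunk.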


@ -63,9 +63,9 @@ class ApplicationController < ActionController::Base
if session[:user_id] if session[:user_id]
# existing session # existing session
(User.active.find(session[:user_id]) rescue nil) (User.active.find(session[:user_id]) rescue nil)
elsif cookies[:autologin] && Setting.autologin? elsif cookies[Redmine::Configuration['autologin_cookie_name']] && Setting.autologin?
# auto-login feature starts a new session # auto-login feature starts a new session
user = User.try_to_autologin(cookies[:autologin]) user = User.try_to_autologin(cookies[Redmine::Configuration['autologin_cookie_name']])
session[:user_id] = user.id if user session[:user_id] = user.id if user
user user
elsif params[:format] == 'atom' && params[:key] && accept_key_auth_actions.include?(params[:action]) elsif params[:format] == 'atom' && params[:key] && accept_key_auth_actions.include?(params[:action])
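Review bot: The autologin branch looks up `Redmine::Configuration['autologin_cookie_name']` twice within two lines, and the same expression is repeated in AccountController for setting and deleting the cookie. A small helper such as `def autologin_cookie_name; Redmine::Configuration['autologin_cookie_name']; end` would keep the name in one place, so the read, write and delete paths cannot drift apart. The enclosing method starts and ends outside the hunk.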


@ -20,7 +20,11 @@ module Redmine
# Configuration default values # Configuration default values
@defaults = { @defaults = {
'email_delivery' => nil 'email_delivery' => nil,
# Autologin cookie defaults:
'autologin_cookie_name' => 'autologin',
'autologin_cookie_path' => '/',
'autologin_cookie_secure' => false,
} }
@config = nil @config = nil
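Review bot: The new default `'autologin_cookie_secure' => false` has no comment saying what it means for a deployment: the autologin cookie written in AccountController expires after a year and, with this default, is also sent over plain HTTP. Behaviour matches the old `? true : false` fallback, so this is a documentation point rather than a regression. I would extend the comment to `# Autologin cookie defaults (set autologin_cookie_secure to true when the site is served over HTTPS only):`. The module body continues outside the hunk.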


@ -50,7 +50,7 @@ class AccountTest < ActionController::IntegrationTest
assert_equal user, token.user assert_equal user, token.user
assert_equal 'autologin', token.action assert_equal 'autologin', token.action
assert_equal user.id, session[:user_id] assert_equal user.id, session[:user_id]
assert_equal token.value, cookies['autologin'] assert_equal token.value, cookies[Redmine::Configuration['autologin_cookie_name']]
# Session is cleared # Session is cleared
reset! reset!
@ -60,7 +60,7 @@ class AccountTest < ActionController::IntegrationTest
assert_nil user.reload.last_login_on assert_nil user.reload.last_login_on
# User comes back with his autologin cookie # User comes back with his autologin cookie
cookies[:autologin] = token.value cookies[Redmine::Configuration['autologin_cookie_name']] = token.value
get '/my/page' get '/my/page'
assert_response :success assert_response :success
assert_template 'my/page' assert_template 'my/page'
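Review bot: Both changed lines read the cookie name through `Redmine::Configuration['autologin_cookie_name']`, so the test still runs only with the default `'autologin'` and does not exercise a custom name. A case that performs the login and the return visit with a non-default name and path configured would cover the setting this merge introduces, including that the cookie is removed at logout. The test method starts and ends outside the hunks.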