mirror of
https://gh.wpcy.net/https://github.com/discourse/discourse.git
synced 2026-05-04 05:09:20 +08:00
b4e4833d2a
This patch will be followed by https://github.com/discourse/discourse/pull/34747. `SecureSession` doesn’t make a lot of sense anymore and can be confusing as the current cookie store used for the session is actually secure since it’s encrypted. Renaming it to `ServerSession` better conveys what it does: providing a session but on the server side only. This patch also makes some improvements, like injecting that server session into Rack-like request objects, allowing the server session to be available virtually everywhere.
10 lines
288 B
Ruby
10 lines
288 B
Ruby
# frozen_string_literal: true
|
|
|
|
module RequestServerSession
|
|
def server_session
|
|
session[:server_session_id] ||= (session.delete(:secure_session_id) || SecureRandom.hex)
|
|
ServerSession.new(session[:server_session_id])
|
|
end
|
|
end
|
|
|
|
Rack::Request::Helpers.prepend(RequestServerSession)
|
