module Authlogic::Session::Cookies::InstanceMethods
The methods available for an Authlogic::Session::Base object that make up the cookie feature set.
Public Instance Methods
Allows you to set the #remember_me option when passing credentials.
# File lib/authlogic/session/cookies.rb, line 105 def credentials=(value) super values = value.is_a?(Array) ? value : [value] case values.first when Hash if values.first.with_indifferent_access.key?(:remember_me) self.remember_me = values.first.with_indifferent_access[:remember_me] end else r = values.find { |val| val.is_a?(TrueClass) || val.is_a?(FalseClass) } self.remember_me = r unless r.nil? end end
If the cookie should be marked as httponly (not accessible via javascript)
# File lib/authlogic/session/cookies.rb, line 175 def httponly return @httponly if defined?(@httponly) @httponly = self.class.httponly end
Accepts a boolean as to whether the cookie should be marked as httponly. If true, the cookie will not be accessible from javascript
# File lib/authlogic/session/cookies.rb, line 182 def httponly=(value) @httponly = value end
See httponly
# File lib/authlogic/session/cookies.rb, line 187 def httponly? httponly == true || httponly == "true" || httponly == "1" end
Is the cookie going to expire after the session is over, or will it stick around?
# File lib/authlogic/session/cookies.rb, line 120 def remember_me return @remember_me if defined?(@remember_me) @remember_me = self.class.remember_me end
Accepts a boolean as a flag to remember the session or not. Basically to expire the cookie at the end of the session or keep it for “remember_me_until”.
# File lib/authlogic/session/cookies.rb, line 128 def remember_me=(value) @remember_me = value end
See #remember_me
# File lib/authlogic/session/cookies.rb, line 133 def remember_me? remember_me == true || remember_me == "true" || remember_me == "1" end
Has the cookie expired due to current time being greater than remember_me_until.
# File lib/authlogic/session/cookies.rb, line 152 def remember_me_expired? return unless remember_me? (Time.parse(cookie_credentials[2]) < Time.now) end
How long to remember the user if #remember_me is true. This is based on the class level configuration: #remember_me_for
# File lib/authlogic/session/cookies.rb, line 139 def remember_me_for return unless remember_me? self.class.remember_me_for end
When to expire the cookie. See #remember_me_for configuration option to change this.
# File lib/authlogic/session/cookies.rb, line 146 def remember_me_until return unless remember_me? remember_me_for.from_now end
If the cookie should be marked as SameSite with 'Lax' or 'Strict' flag.
# File lib/authlogic/session/cookies.rb, line 192 def same_site return @same_site if defined?(@same_site) @same_site = self.class.same_site(nil) end
Accepts nil, 'Lax' or 'Strict' as possible flags.
# File lib/authlogic/session/cookies.rb, line 198 def same_site=(value) unless VALID_SAME_SITE_VALUES.include?(value) msg = "Invalid same_site value: #{value}. Valid: #{VALID_SAME_SITE_VALUES.inspect}" raise ArgumentError.new(msg) end @same_site = value end
If the cookie should be marked as secure (SSL only)
# File lib/authlogic/session/cookies.rb, line 158 def secure return @secure if defined?(@secure) @secure = self.class.secure end
Accepts a boolean as to whether the cookie should be marked as secure. If true the cookie will only ever be sent over an SSL connection.
# File lib/authlogic/session/cookies.rb, line 165 def secure=(value) @secure = value end
See secure
# File lib/authlogic/session/cookies.rb, line 170 def secure? secure == true || secure == "true" || secure == "1" end