Module ActionController::SessionManagement::ClassMethods
In: lib/action_controller/session_management.rb

Methods

Public Instance methods

Specify how sessions ought to be managed for a subset of the actions on the controller. Like filters, you can specify :only and :except clauses to restrict the subset, otherwise options apply to all actions on this controller.

The session options are inheritable, as well, so if you specify them in a parent controller, they apply to controllers that extend the parent.

Usage:

  # turn off session management for all actions.
  session :off

  # turn off session management for all actions _except_ foo and bar.
  session :off, :except => %w(foo bar)

  # turn off session management for only the foo and bar actions.
  session :off, :only => %w(foo bar)

  # the session will only work over HTTPS, but only for the foo action
  session :only => :foo, :session_secure => true

  # the session by default uses HttpOnly sessions for security reasons.
  # this can be switched off.
  session :only => :foo, :session_http_only => false

  # the session will only be disabled for 'foo', and only if it is
  # requested as a web service
  session :off, :only => :foo,
          :if => Proc.new { |req| req.parameters[:ws] }

  # the session will be disabled for non html/ajax requests
  session :off,
    :if => Proc.new { |req| !(req.format.html? || req.format.js?) }

  # turn the session back on, useful when it was turned off in the
  # application controller, and you need it on in another controller
  session :on

All session options described for ActionController::Base.process_cgi are valid arguments.

session=(*args)

Alias for session

Returns the hash used to configure the session. Example use:

  ActionController::Base.session_options[:session_secure] = true # session only available over HTTPS

Returns the session store class currently used.

Set the session store to be used for keeping the session data between requests. By default, sessions are stored in browser cookies (:cookie_store), but you can also specify one of the other included stores (:active_record_store, :p_store, :drb_store, :mem_cache_store, or :memory_store) or your own custom class.

[Validate]