Get the autologin cookie name from the config #273

10dffcf3 · Felix Schäfer · 904897ac · 10dffcf3 · 10dffcf3 · 10dffcf3
Commit 10dffcf3 authored Mar 20, 2011 by Felix Schäfer
4 changed files
--- a/app/controllers/account_controller.rb
+++ b/app/controllers/account_controller.rb
@@ -129,7 +129,7 @@ class AccountController < ApplicationController
  
  def logout_user
    if User.current.logged?
-      cookies.delete :autologin
+      cookies.delete Redmine::Configuration['autologin_cookie_name']
      Token.delete_all(["user_id = ? AND action = ?", User.current.id, 'autologin'])
      self.logged_user = nil
    end
@@ -211,15 +211,14 @@ class AccountController < ApplicationController
  
  def set_autologin_cookie(user)
    token = Token.create(:user => user, :action => 'autologin')
-    cookie_name = Redmine::Configuration['autologin_cookie_name'] || 'autologin'
    cookie_options = {
      :value => token.value,
      :expires => 1.year.from_now,
-      :path => (Redmine::Configuration['autologin_cookie_path'] || '/'),
-      :secure => (Redmine::Configuration['autologin_cookie_secure'] ? true : false),
+      :path => Redmine::Configuration['autologin_cookie_path'],
+      :secure => Redmine::Configuration['autologin_cookie_secure'],
      :httponly => true
    }
-    cookies[cookie_name] = cookie_options
+    cookies[Redmine::Configuration['autologin_cookie_name']] = cookie_options
  end

  # Onthefly creation failed, display the registration form to fill/fix attributes

--- a/app/controllers/application_controller.rb
+++ b/app/controllers/application_controller.rb
@@ -63,9 +63,9 @@ class ApplicationController < ActionController::Base
    if session[:user_id]
      # existing session
      (User.active.find(session[:user_id]) rescue nil)
-    elsif cookies[:autologin] && Setting.autologin?
+    elsif cookies[Redmine::Configuration['autologin_cookie_name']] && Setting.autologin?
      # auto-login feature starts a new session
-      user = User.try_to_autologin(cookies[:autologin])
+      user = User.try_to_autologin(cookies[Redmine::Configuration['autologin_cookie_name']])
      session[:user_id] = user.id if user
      user
    elsif params[:format] == 'atom' && params[:key] && accept_key_auth_actions.include?(params[:action])

--- a/lib/redmine/configuration.rb
+++ b/lib/redmine/configuration.rb
@@ -20,7 +20,11 @@ module Redmine
    
    # Configuration default values
    @defaults = {
-      'email_delivery' => nil
+      'email_delivery' => nil,
+      # Autologin cookie defaults:
+      'autologin_cookie_name'   => 'autologin',
+      'autologin_cookie_path'   => '/',
+      'autologin_cookie_secure' => false,
    }
    
    @config = nil

--- a/test/integration/account_test.rb
+++ b/test/integration/account_test.rb
@@ -50,7 +50,7 @@ class AccountTest < ActionController::IntegrationTest
    assert_equal user, token.user
    assert_equal 'autologin', token.action
    assert_equal user.id, session[:user_id]
-    assert_equal token.value, cookies['autologin']
+    assert_equal token.value, cookies[Redmine::Configuration['autologin_cookie_name']]
    
    # Session is cleared
    reset!
@@ -60,7 +60,7 @@ class AccountTest < ActionController::IntegrationTest
    assert_nil user.reload.last_login_on
    
    # User comes back with his autologin cookie
-    cookies[:autologin] = token.value
+    cookies[Redmine::Configuration['autologin_cookie_name']] = token.value
    get '/my/page'
    assert_response :success
    assert_template 'my/page'