diff --git a/app/controllers/account_controller.rb b/app/controllers/account_controller.rb
index 5fa56b1..52b15a1 100644
--- a/app/controllers/account_controller.rb
+++ b/app/controllers/account_controller.rb
@@ -203,12 +203,23 @@ class AccountController < ApplicationController
 self.logged_user = user
 # generate a key and set cookie if autologin
 if params[:autologin] && Setting.autologin?
- token = Token.create(:user => user, :action => 'autologin')
- cookies[:autologin] = { :value => token.value, :expires => 1.year.from_now }
+ set_autologin_cookie(user)
 end
 call_hook(:controller_account_success_authentication_after, {:user => user })
 redirect_back_or_default :controller => 'my', :action => 'page'
 end
+
+ def set_autologin_cookie(user)
+ token = Token.create(:user => user, :action => 'autologin')
+ cookie_name = Redmine::Configuration['autologin_cookie_name'] || 'autologin'
+ cookie_options = {
+ :value => token.value,
+ :expires => 1.year.from_now,
+ :path => (Redmine::Configuration['autologin_cookie_path'] || '/'),
+ :secure => (Redmine::Configuration['autologin_cookie_secure'] ? true : false)
+ }
+ cookies[cookie_name] = cookie_options
+ end
 
 # Onthefly creation failed, display the registration form to fill/fix attributes
 def onthefly_creation_failed(user, auth_source_options = { })
diff --git a/config/configuration.yml.example b/config/configuration.yml.example
index 673c25a..5756907 100644
--- a/config/configuration.yml.example
+++ b/config/configuration.yml.example
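Review bot: In `set_autologin_cookie` (app/controllers/account_controller.rb) the `cookie_options` hash carries a one-year login token but sets no HttpOnly flag, so page script can read a credential that stands in for the password; add `:httponly => true` next to `:secure`. The `:secure` flag is also off whenever `autologin_cookie_secure` is left blank, so an HTTPS-only deployment will still send the token on any plain-HTTP request unless the administrator opts in. The code that reads the cookie at login and deletes it at logout is not part of this diff. If it still uses `cookies[:autologin]` without the configured name and path, a renamed or path-scoped cookie would presumably neither be found nor cleared on logout, which is worth confirming before merge.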
@@ -99,6 +99,14 @@ default:
 # attachments_storage_path: D:/redmine/files
 attachments_storage_path:
 
+ # Configuration of the autologin cookie.
+ # autologin_cookie_name: the name of the cookie (default: autologin)
+ # autologin_cookie_path: the cookie path (default: /)
+ # autologin_cookie_secure: true sets the cookie secure flag (default: false)
+ autologin_cookie_name:
+ autologin_cookie_path:
+ autologin_cookie_secure:
+
 # specific configuration options for production environment
 # that overrides the default ones
 production: