jro_apps/redmine Commit - r4636:55acbcb560cc

Makes the autologin cookie configurable (#1763)....

Jean-Philippe Lang -

r4636:55acbcb560cc

parent child

Context file:

r4636:55acbcb560cc

app/controllers/account_controller.rb +13 -2

                  self.logged_user = user
                  # generate a key and set cookie if autologin
                  if params[:autologin] && Setting.autologin?
-                   token = Token.create(:user => user, :action => 'autologin')
-                   cookies[:autologin] = { :value => token.value, :expires => 1.year.from_now }
+                   set_autologin_cookie(user)
                  end
                  call_hook(:controller_account_success_authentication_after, {:user => user })
                  redirect_back_or_default :controller => 'my', :action => 'page'
                end
+               def set_autologin_cookie(user)
+                 token = Token.create(:user => user, :action => 'autologin')
+                 cookie_name = Redmine::Configuration['autologin_cookie_name'] || 'autologin'
+                 cookie_options = {
+                   :value => token.value,
+                   :expires => 1.year.from_now,
+                   :path => (Redmine::Configuration['autologin_cookie_path'] || '/'),
+                   :secure => (Redmine::Configuration['autologin_cookie_secure'] ? true : false)
+                 }
+                 cookies[cookie_name] = cookie_options
+               end
                # Onthefly creation failed, display the registration form to fill/fix attributes
                def onthefly_creation_failed(user, auth_source_options = { })

config/configuration.yml.example +8 0

                # attachments_storage_path: D:/redmine/files
                attachments_storage_path:
+               # Configuration of the autologin cookie.
+               # autologin_cookie_name: the name of the cookie (default: autologin)
+               # autologin_cookie_path: the cookie path (default: /)
+               # autologin_cookie_secure: true sets the cookie secure flag (default: false)
+               autologin_cookie_name:
+               autologin_cookie_path:
+               autologin_cookie_secure:
              # specific configuration options for production environment
              # that overrides the default ones
              production:

General Comments 0

You need to be logged in to leave comments. Login now

No TODOs yet

	Repositories
g s	Goto summary page
g c	Goto changelog page
g f	Goto files page
g F	Goto files page with file search activated
g p	Goto pull requests page
g o	Goto repository settings
g O	Goto repository access permissions settings
t s	Toggle sidebar on some pages