lib/merb/session/merb_ar_session.rb in merb-0.3.4 vs lib/merb/session/merb_ar_session.rb in merb-0.3.7

@@ -4,40 +4,35 @@
   
   module SessionMixin
 
     def setup_session
       MERB_LOGGER.info("Setting up session")
-      before = @cookies[_session_id_key]
-      @session, @cookies[_session_id_key] = Merb::Session.persist(@cookies[_session_id_key])
-      @_fingerprint_before = Marshal.dump(@session).hash
-      @_new_cookie = @cookies[_session_id_key] != before
+      before = @_cookies[_session_id_key]
+      @_session, @_cookies[_session_id_key] = Merb::Session.persist(@_cookies[_session_id_key])
+      @_fingerprint = Marshal.dump(@_session.data).hash
+      @_new_cookie = @_cookies[_session_id_key] != before
     end
 
     def finalize_session
       MERB_LOGGER.info("Finalize session")
-      unless Marshal.dump(@session).hash == @_fingerprint_before
-        @session.save
-      end
-      set_cookie(_session_id_key, @cookies[_session_id_key], Time.now+Merb::Const::WEEK*2) if @_new_cookie
-    end 
-
+      @_session.save if @_fingerprint != Marshal.dump(@_session.data).hash
+      set_cookie(_session_id_key, @_session.session_id, _session_expiry) if (@_new_cookie || @_session.needs_new_cookie)
+    end
   end
 
   class Session < ::ActiveRecord::Base
     # Customizable data column name.  Defaults to 'data'.
     cattr_accessor :data_column_name
     self.data_column_name = 'data'
     before_save :marshal_data!
     before_save :raise_on_session_data_overflow!
+    attr_accessor :needs_new_cookie
   
-    RAND_CHARS = [*'A'..'Z'] + [*'0'..'9'] + [*'a'..'z']
-  
     class << self
       # Generates a new session ID and creates a row for the new session in the database.
       def generate
-        rand_max = RAND_CHARS.size
-        sid = (0...32).inject("") { |ret,_| ret << RAND_CHARS[rand(rand_max)] }
+        sid = Merb::SessionMixin::rand_uuid
         create(:session_id => sid, :data => {})
       end
 
       # Gets the existing session based on the <tt>session_id</tt> available in cookies.
       # If none is found, generates a new session.
@@ -76,10 +71,28 @@
       def drop_table!
         connection.execute "DROP TABLE #{table_name}"
       end
     end
     
+    # Regenerate the Session ID  
+   	def regenerate 
+   	  new_id = Merb::SessionMixin::rand_uuid 
+   	  update_attributes({:session_id => new_id}) 
+   	  self.needs_new_cookie=true 
+   	end 
+   	 
+   	# Recreates the cookie with the default expiration time 
+   	# Useful during log in for pushing back the expiration date 
+   	def refresh_expiration 
+   	  self.needs_new_cookie=true 
+   	end 
+   	
+   	# Lazy-delete of session data 
+   	def delete  
+   	  self.data = {} 
+   	end
+    
     def [](key)
       data[key]
     end
     
     def []=(key, val)
@@ -113,7 +126,6 @@
         if loaded? and limit and read_attribute(@@data_column_name).size > limit
           raise MerbController::SessionOverflowError
         end
       end
   end
-
-end
\ No newline at end of file
+end