Add cookie_options Devise config for Rememberable strategy

heartcombo · Jun 16, 2011 · d39f94e · d39f94e
1 parent 15fd736
commit d39f94e
Show file tree

Hide file tree

Showing 4 changed files with 24 additions and 4 deletions.
diff --git a/lib/devise.rb b/lib/devise.rb
@@ -72,6 +72,10 @@ module Orm
   # Email regex used to validate email formats. Adapted from authlogic.
   EMAIL_REGEX = /^([\w\.%\+\-]+)@([\w\-]+\.)+([\w]{2,})$/i
 
+  # Custom domain for cookies. Not set by default
+  mattr_accessor :cookie_options
+  @@cookie_options = {}
+
   # Used to encrypt password. Please generate one with rake secret.
   mattr_accessor :pepper
   @@pepper = nil

diff --git a/lib/devise/hooks/rememberable.rb b/lib/devise/hooks/rememberable.rb
@@ -11,11 +11,13 @@
      warden.authenticated?(scope) && record.respond_to?(:remember_me!)
     record.remember_me!
 
-    warden.response.set_cookie "remember_#{scope}_token", {
+    cookie_options = {
       :value => record.class.serialize_into_cookie(record),
       :expires => record.remember_expires_at,
       :path => "/"
-    }
+    }.merge record.cookie_options
+
+    warden.response.set_cookie "remember_#{scope}_token", cookie_options
   end
 end
 
@@ -30,4 +32,4 @@
     record.forget_me! unless record.frozen?
     warden.response.delete_cookie "remember_#{scope}_token", :path => "/"
   end
-end
+end
diff --git a/lib/devise/models/rememberable.rb b/lib/devise/models/rememberable.rb
@@ -19,6 +19,9 @@ module Models
     #                 time for the cookie created to remember the user.
     #                 By default remember_for is 2.weeks.
     #
+    #   cookie_options: configuration options passed to the created cookie.
+    #
+    #
     # Examples:
     #
     #   User.find(1).remember_me!  # regenerating the token
@@ -72,6 +75,10 @@ def remember_expires_at
         remember_created_at + self.class.remember_for
       end
 
+      def cookie_options
+        self.class.cookie_options
+      end
+
       module ClassMethods
         # Create the cookie key using the record id and remember_token
         def serialize_into_cookie(record)
@@ -85,7 +92,7 @@ def serialize_from_cookie(cookie)
           record if record.try(:valid_remember_token?, record_token)
         end
 
-        Devise::Models.config(self, :remember_for)
+        Devise::Models.config(self, :remember_for, :cookie_options)
       end
     end
   end

diff --git a/test/integration/rememberable_test.rb b/test/integration/rememberable_test.rb
@@ -20,6 +20,13 @@ def create_user_and_remember(add_to_token='')
     assert_not_nil user.reload.remember_token
   end
 
+  test 'cookie_options should be applied to cookies' do
+    swap Devise, :cookie_options => { :value => 'dont-do-that' } do
+      user = sign_in_as_user :remember_me => true
+      assert_equal 'dont-do-that', cookies['remember_user_token']
+    end
+  end
+
   test 'remember the user before sign in' do
     user = create_user_and_remember
     get users_path