From 1c6d47380fd3fb5703108bdf10e5199b88c98d15 Mon Sep 17 00:00:00 2001
From: Artur Beljajev
Date: Thu, 9 Nov 2017 13:58:24 +0200
Subject: [PATCH] Registry 633 (#635)
* Allow session cookie "secure" and "same_site" flag configuration #633
---
 config/application-example.yml | 2 ++
 config/initializers/session_store.rb | 8 +++++++-
 lib/tasks/dev.rake | 1 -
 3 files changed, 9 insertions(+), 2 deletions(-)
diff --git a/config/application-example.yml b/config/application-example.yml
index f54557828..caedd83cc 100644
--- a/config/application-example.yml
+++ b/config/application-example.yml
@@ -129,3 +129,5 @@ payments_lhv_seller_private: 'kaupmees_priv.pem'
 payments_lhv_seller_account: 'testvpos'
 user_session_timeout: '3600' # 1 hour
+secure_session_cookies: 'false' # true|false
+same_site_session_cookies: 'false' # false|strict|lax
diff --git a/config/initializers/session_store.rb b/config/initializers/session_store.rb
index 480996245..d063123a4 100644
--- a/config/initializers/session_store.rb
+++ b/config/initializers/session_store.rb
@@ -1,3 +1,9 @@
 # Be sure to restart your server when you modify this file.
-Rails.application.config.session_store :cookie_store, key: '_registry_session'
+secure_cookies = ENV['secure_session_cookies'] == 'true'
+same_site_cookies = ENV['same_site_session_cookies'] != 'false' ? ENV['same_site_session_cookies'].to_sym : false
+
+Rails.application.config.session_store :cookie_store,
+ key: '_registry_session',
+ secure: secure_cookies,
+ same_site: same_site_cookies
diff --git a/lib/tasks/dev.rake b/lib/tasks/dev.rake
index 470949c14..ef23f0ad8 100644
--- a/lib/tasks/dev.rake
+++ b/lib/tasks/dev.rake
@@ -7,7 +7,6 @@ namespace :dev do
 require 'factory_girl'
 include FactoryGirl::Syntax::Methods
- FactoryGirl.find_definitions
 PaperTrail.enabled = false
 Domain.paper_trail_on!
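Review bot: The example file ships both new keys as 'false', so a deployment that copies it unchanged gets a session cookie with neither Secure nor SameSite, and the inline comments list the allowed values without saying which ones production needs. I would extend them, e.g. `secure_session_cookies: 'false' # true|false; must be 'true' wherever the site is served over HTTPS` and `same_site_session_cookies: 'false' # false|strict|lax; 'lax' or 'strict' limits cross-site sending of the session cookie`. The same fail-open default shows up in the config/initializers/session_store.rb hunk, where any value other than the exact string 'true' (including an unset key) turns Secure off.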
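Review bot: The `same_site_cookies` line calls `.to_sym` on `ENV['same_site_session_cookies']` whenever the value differs from the string 'false', so an environment that lacks the new key (presumably an existing application.yml that was not updated) evaluates `nil.to_sym` and the initializer raises NoMethodError at boot. Any other string, such as a typo or 'true', is also turned into a symbol and handed to the cookie store unvalidated; what the cookie layer does with an unknown symbol depends on the Rack version in use. Mapping the three documented values explicitly and raising a descriptive error on anything else keeps a misconfiguration visible and avoids `to_sym` on environment input.

```ruby
# … unchanged: secure_cookies assignment …
same_site_cookies = case ENV['same_site_session_cookies']
                    when 'strict' then :strict
                    when 'lax' then :lax
                    when 'false', nil then false
                    else raise ArgumentError, 'same_site_session_cookies must be false, strict or lax'
                    end
# … unchanged: session_store call …
```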