Allow subclasses of session store to override session_class

With the current implementation it is not possible for different subclasses to use different session models since it uses a class variable to access it which is shared amongst inherited classes. This uses the accessor method instead which can be overriden by subclasses
rails · Aug 15, 2023 · c4dd92c · c4dd92c
1 parent 9198a95
commit c4dd92c
Showing 1 changed file with 5 additions and 5 deletions.
diff --git a/lib/action_dispatch/session/active_record_store.rb b/lib/action_dispatch/session/active_record_store.rb
@@ -67,7 +67,7 @@ def get_session(request, sid)
             # If the sid was nil or if there is no pre-existing session under the sid,
             # force the generation of a new sid and associate a new session associated with the new sid
             sid = generate_sid
-            session = @@session_class.new(:session_id => sid.private_id, :data => {})
+            session = session_class.new(:session_id => sid.private_id, :data => {})
           end
           request.env[SESSION_RECORD_KEY] = session
           [sid, session.data]
@@ -106,7 +106,7 @@ def delete_session(request, session_id, options)
             new_sid = generate_sid
 
             if options[:renew]
-              new_model = @@session_class.new(:session_id => new_sid.private_id, :data => data)
+              new_model = session_class.new(:session_id => new_sid.private_id, :data => data)
               new_model.save
               request.env[SESSION_RECORD_KEY] = new_model
             end
@@ -120,7 +120,7 @@ def get_session_model(request, id)
           model = get_session_with_fallback(id)
           unless model
             id = generate_sid
-            model = @@session_class.new(:session_id => id.private_id, :data => {})
+            model = session_class.new(:session_id => id.private_id, :data => {})
             model.save
           end
           if request.env[ENV_SESSION_OPTIONS_KEY][:id].nil?
@@ -134,9 +134,9 @@ def get_session_model(request, id)
 
       def get_session_with_fallback(sid)
         if sid && !self.class.private_session_id?(sid.public_id)
-          if (secure_session = @@session_class.find_by_session_id(sid.private_id))
+          if (secure_session = session_class.find_by_session_id(sid.private_id))
             secure_session
-          elsif (insecure_session = @@session_class.find_by_session_id(sid.public_id))
+          elsif (insecure_session = session_class.find_by_session_id(sid.public_id))
             insecure_session.session_id = sid.private_id # this causes the session to be secured
             insecure_session
           end