Add a plugin to handle session persistence. This is based on the

plugin at http://github.com/augustl/session-persistence but modified
to work with rails 2 rather than rails 3.

vendor/plugins/session-persistence/MIT_LICENSE

@@ -0,0 +1,20 @@
+Copyright (c) 2010 August Lilleaas
+
+Permission is hereby granted, free of charge, to any person obtaining
+a copy of this software and associated documentation files (the
+"Software"), to deal in the Software without restriction, including
+without limitation the rights to use, copy, modify, merge, publish,
+distribute, sublicense, and/or sell copies of the Software, and to
+permit persons to whom the Software is furnished to do so, subject to
+the following conditions:
+
+The above copyright notice and this permission notice shall be
+included in all copies or substantial portions of the Software.
+
+THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND,
+EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF
+MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND
+NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE
+LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION
+OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION
+WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.

vendor/plugins/session-persistence/README.rdoc

@@ -0,0 +1,40 @@
+= Session Persistence
+
+Rails 3 plugin that lets you set how long you want your session to be persisted/remembered.
+
+ session_expires_after 2.weeks
+ session_expires_automatically # also aliased to expire_session
+   
+The timespan will reset on every request. If you set it to 2 weeks, and the user returns after 1 week, the session will be refreshed and last 2 weeks again. If the user returns after 3 weeks, the session will be reset.
+
+A call to session_expires_automatically will return to a normal automatical expiry cookie, that will expire when the browser is closed.
+
+Note: I haven't tested the plugin with memcache session storage, but it should work there as well.
+
+= Usage
+   
+Here's an example sessions controller in a Rails 3 application.
+
+ class SessionsController < ApplicationController
+  def create
+    session_expires_after 2.weeks if params[:remember_me]
+    
+    # ..normal auth goes here..
+    # for example
+    user = User.authenticate(params[:username], params[:password])
+    if user
+      session[:user] = user.id
+    else
+      # ..
+    end
+  end
+  
+  def destroy
+    session_expires_automatically
+    
+    # ..unauthorize here..
+    # for example
+    session[:user] = nil
+    redirect_to root_path
+  end
+ end

vendor/plugins/session-persistence/init.rb

@@ -0,0 +1,3 @@
+require  "session_persistence"
+ActionController::Base.class_eval { include SessionPersistence }
+ActionController::Base.after_filter :_persist_session

vendor/plugins/session-persistence/lib/session_persistence.rb

@@ -0,0 +1,30 @@
+module SessionPersistence
+  private
+  
+  # Override this method if you don't want to use session[:_remember_for].
+  def session_persistence_key
+    :_remember_for
+  end
+
+  # Persist the session.
+  #
+  #   session_expires_after 1.hour
+  #   session_expires_after 2.weeks
+  def session_expires_after(seconds)
+    session[session_persistence_key] = seconds 
+  end
+  
+  # Expire the session.
+  def session_expires_automatically
+    session.delete(session_persistence_key)
+  end
+  alias_method :expire_session, :session_expires_automatically
+  
+  def _persist_session
+    if session[session_persistence_key]
+      request.session_options = request.session_options.dup
+      request.session_options[:expire_after] = session[session_persistence_key]
+      request.session_options.freeze
+    end
+  end
+end

vendor/plugins/session-persistence/test/session_timeout_test.rb

@@ -0,0 +1,41 @@
+require "test/unit"
+
+module ActionController
+  class Base
+    def self.after_filter(*args)
+      
+    end
+  end
+end
+
+$LOAD_PATH.push(File.dirname(__FILE__) + "../lib")
+require "../init"
+
+class SessionPersistenceTest < Test::Unit::TestCase
+  def setup
+    @controller = ActionController::Base.new
+    @controller.instance_eval {
+      def session
+        @session ||= {}
+      end
+      
+      def session_persistence_key
+        :mine
+      end
+    }
+  end
+  
+  def test_session_expires_after
+    @controller.instance_eval { session_expires_after 10 }
+    assert_equal 10, @controller.session[:mine]
+  end
+  
+  def test_session_expires_automatically
+    @controller.instance_eval {
+      session_expires_after 10
+      session_expires_automatically
+    }
+    
+    assert !@controller.session.has_key?(:mine)
+  end
+end