Unfloyded/Legamunt
0
0
Fork 0
Code Activity

Revocable sessions (#3616)

Browse source 
* feat: Revocable sessions

* fix: Tests using sign_in

* feat: Configuration entry for the maximum number of session activations
This commit is contained in:
Sorin Davidoi 2017-06-23 18:50:53 +02:00 committed by Eugen Rochko
parent 3783cadf2d
commit 2211e8d1cd
9 changed files with 116 additions and 1 deletions
Download patch file Download diff file Expand all files Collapse all files

16
config/initializers/devise.rb
View file

@ -1,3 +1,19 @@
Warden::Manager.after_set_user except: :fetch do |user, warden|
SessionActivation.deactivate warden.raw_session['auth_id']
warden.raw_session['auth_id'] = user.activate_session
end
Warden::Manager.after_fetch do |user, warden|
unless user.session_active?(warden.raw_session['auth_id'])
warden.logout
throw :warden, message: :unauthenticated
end
end
Warden::Manager.before_logout do |_, warden|
SessionActivation.deactivate warden.raw_session['auth_id']
end
Devise.setup do |config|
config.warden do |manager|
manager.default_strategies(scope: :user).unshift :two_factor_authenticatable