kotovalexarian-likes-github/heartcombo--devise
1
0
Fork 0
mirror of https://github.com/heartcombo/devise.git synced 2022-11-09 12:18:31 -05:00
Code Releases Activity

Do not clean up CSRF on rememberable

Browse source
This commit is contained in:
José Valim 2015-05-23 22:13:59 +02:00
parent ac4a89a511
commit 1f3638aaa5
1 changed files with 9 additions and 0 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

9
lib/devise/strategies/rememberable.rb
View file

@ -32,6 +32,15 @@ module Devise
end end
end end
# No need to clean up the CSRF when using rememberable.
# In fact, cleaning it up here would be a bug because
# rememberable is triggered on GET requests which means
# we would render a page on first access with all csrf
# tokens expired.
def clean_up_csrf?
false
end
private private
def extend_remember_me_period(resource) def extend_remember_me_period(resource)