kotovalexarian-likes-github/heartcombo--devise
1
0
Fork 0
mirror of https://github.com/heartcombo/devise.git synced 2022-11-09 12:18:31 -05:00
Code Releases Activity

Remove upgrade path for old session format (#4032)

Browse source 
This removes an upgrade path that migrated the old serialization format
to the new one introduced. This was introduced in c22d755 (#2300)
3 years ago and should no longer be needed.
This commit is contained in:
Philipe Fatio 2016-04-26 16:10:55 +02:00 committed by Ulisses Almeida
parent 4da955d9cd
commit 209b97d86b
3 changed files with 3 additions and 35 deletions
Download patch file Download diff file Expand all files Collapse all files

2
CHANGELOG.md
View file

@ -1,5 +1,7 @@
### Unreleased ### Unreleased
* Remove code supporting old session serialization format (by @fphilipe).
### 4.0.1 - 2016-04-25 ### 4.0.1 - 2016-04-25
* bug fixes * bug fixes

5
lib/devise.rb
View file

@ -543,10 +543,7 @@ module Devise
mapping.to.serialize_into_session(record) mapping.to.serialize_into_session(record)
end end
warden_config.serialize_from_session(mapping.name) do |key| warden_config.serialize_from_session(mapping.name) do |args|
# Previous versions contained an additional entry at the beginning of
# key with the record's class name.
args = key[-2, 2]
mapping.to.serialize_from_session(*args) mapping.to.serialize_from_session(*args)
end end
end end

31
test/integration/authenticatable_test.rb
View file

@ -347,37 +347,6 @@ class AuthenticationSessionTest < Devise::IntegrationTest
assert_equal "Cart", @controller.user_session[:cart] assert_equal "Cart", @controller.user_session[:cart]
end end
test 'does not explode when class name is still stored in session' do
# In order to test that old sessions do not break with the new scoped
# deserialization, we need to serialize the session the old way. This is
# done by removing the newly used scoped serialization method
# (#user_serialize) and bringing back the old uncsoped #serialize method
# that includes the record's class name in the serialization.
begin
Warden::SessionSerializer.class_eval do
alias_method :original_serialize, :serialize
alias_method :original_user_serialize, :user_serialize
remove_method :user_serialize
def serialize(record)
klass = record.class
array = klass.serialize_into_session(record)
array.unshift(klass.name)
end
end
sign_in_as_user
assert warden.authenticated?(:user)
ensure
Warden::SessionSerializer.class_eval do
alias_method :serialize, :original_serialize
remove_method :original_serialize
alias_method :user_serialize, :original_user_serialize
remove_method :original_user_serialize
end
end
end
test 'session id is changed on sign in' do test 'session id is changed on sign in' do
get '/users' get '/users'
session_id = request.session["session_id"] session_id = request.session["session_id"]