mirror of
https://github.com/heartcombo/devise.git
synced 2022-11-09 12:18:31 -05:00
Removing signed_out path workaround
This commit is contained in:
parent
70b9bdcc9a
commit
65f08ea175
5 changed files with 15 additions and 11 deletions
|
@ -19,10 +19,9 @@ class Devise::SessionsController < DeviseController
|
|||
|
||||
# DELETE /resource/sign_out
|
||||
def destroy
|
||||
signed_in = signed_in?(resource_name)
|
||||
redirect_path = after_sign_out_path_for(resource_name)
|
||||
Devise.sign_out_all_scopes ? sign_out : sign_out(resource_name)
|
||||
set_flash_message :notice, :signed_out if signed_in
|
||||
signed_out = (Devise.sign_out_all_scopes ? sign_out : sign_out(resource_name))
|
||||
set_flash_message :notice, :signed_out if signed_out
|
||||
|
||||
# We actually need to hardcode this as Rails default responder doesn't
|
||||
# support returning empty response on GET request
|
||||
|
|
|
@ -136,19 +136,25 @@ module Devise
|
|||
def sign_out(resource_or_scope=nil)
|
||||
return sign_out_all_scopes unless resource_or_scope
|
||||
scope = Devise::Mapping.find_scope!(resource_or_scope)
|
||||
warden.user(:scope => scope, :run_callbacks => false) # Without loading user here, before_logout hook is not called
|
||||
return false unless warden.user(:scope => scope, :run_callbacks => false) # Without loading user here, before_logout hook is not called
|
||||
|
||||
warden.raw_session.inspect # Without this inspect here. The session does not clear.
|
||||
warden.logout(scope)
|
||||
instance_variable_set(:"@current_#{scope}", nil)
|
||||
true
|
||||
end
|
||||
|
||||
# Sign out all active users or scopes. This helper is useful for signing out all roles
|
||||
# in one click. This signs out ALL scopes in warden.
|
||||
def sign_out_all_scopes
|
||||
Devise.mappings.keys.each { |s| warden.user(:scope => s, :run_callbacks => false) }
|
||||
users = Devise.mappings.keys.map { |s| warden.user(:scope => s, :run_callbacks => false) }
|
||||
|
||||
warden.raw_session.inspect
|
||||
warden.logout
|
||||
expire_devise_cached_variables!
|
||||
|
||||
return false if users.compact.empty?
|
||||
true
|
||||
end
|
||||
|
||||
# Returns and delete the url stored in the session for the given scope. Useful
|
||||
|
|
|
@ -10,11 +10,8 @@ Warden::Manager.after_set_user do |record, warden, options|
|
|||
last_request_at = warden.session(scope)['last_request_at']
|
||||
|
||||
if record.timedout?(last_request_at)
|
||||
path_checker = Devise::PathChecker.new(warden.env, scope)
|
||||
unless path_checker.signing_out?
|
||||
warden.logout(scope)
|
||||
throw :warden, :scope => scope, :message => :timeout
|
||||
end
|
||||
warden.logout(scope)
|
||||
throw :warden, :scope => scope, :message => :timeout
|
||||
end
|
||||
|
||||
unless warden.request.env['devise.skip_trackable']
|
||||
|
|
|
@ -50,10 +50,12 @@ class SessionTimeoutTest < ActionController::IntegrationTest
|
|||
get expire_user_path(user)
|
||||
|
||||
get destroy_user_session_path
|
||||
|
||||
assert_response :redirect
|
||||
assert_redirected_to root_path
|
||||
|
||||
follow_redirect!
|
||||
|
||||
assert_contain 'Signed out successfully'
|
||||
end
|
||||
|
||||
|
|
|
@ -3,6 +3,6 @@
|
|||
|
||||
class ApplicationController < ActionController::Base
|
||||
protect_from_forgery
|
||||
before_filter :current_user
|
||||
before_filter :current_user, :unless => :devise_controller?
|
||||
before_filter :authenticate_user!, :if => :devise_controller?
|
||||
end
|
||||
|
|
Loading…
Add table
Reference in a new issue