respect do not track headers in trackable

lib/devise/hooks/trackable.rb

@@ -3,7 +3,7 @@
 # and on authentication. Retrieving the user from session (:fetch) does
 # not trigger it.
 Warden::Manager.after_set_user :except => :fetch do |record, warden, options|
-  if record.respond_to?(:update_tracked_fields!) && warden.authenticated?(options[:scope])
+  if record.respond_to?(:update_tracked_fields!) && warden.authenticated?(options[:scope]) && warden.request.headers['X-Do-Not-Track'].to_s != '1' && warden.request.headers['DNT'].to_s != '1'
     record.update_tracked_fields!(warden.request)
   end
 end

test/integration/trackable_test.rb

@@ -61,4 +61,30 @@ class TrackableHooksTest < ActionController::IntegrationTest
       assert_nil user.last_sign_in_at
     end
   end
+  
+  test "respect X-Do-Not-Track and DNT headers" do
+    user = create_user
+    sign_in_as_user do
+      header "X-Do-Not-Track" , "1"
+      header "DNT" , "0"
+    end
+    user.reload
+    assert_equal 0, user.sign_in_count
+    visit destroy_user_session_path
+    
+    sign_in_as_user do
+      header "X-Do-Not-Track" , "0"
+      header "DNT" , "1"
+    end
+    user.reload
+    assert_equal 0, user.sign_in_count
+    visit destroy_user_session_path
+    
+    sign_in_as_user do
+      header "X-Do-Not-Track" , "0"
+      header "DNT" , "0"
+    end
+    user.reload
+    assert_equal 1, user.sign_in_count
+  end
 end