From d448e7d841d578045d8d5bf2a1184119ce77a359 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Jos=C3=A9=20Valim?= Date: Tue, 25 Oct 2011 18:43:34 +0200 Subject: [PATCH] Timeoutable also skips tracking if skip_trackable is given --- CHANGELOG.rdoc | 3 +++ lib/devise/hooks/timeoutable.rb | 4 +++- test/integration/timeoutable_test.rb | 9 +++++++++ 3 files changed, 15 insertions(+), 1 deletion(-) diff --git a/CHANGELOG.rdoc b/CHANGELOG.rdoc index 52ce8901..cbbaf35f 100644 --- a/CHANGELOG.rdoc +++ b/CHANGELOG.rdoc @@ -1,5 +1,8 @@ == 1.5.0.dev +* enhancements + * Timeoutable also skips tracking if skip_trackable is given + * bug fix * Allow idempotent API requests * Fix bug where logs did not show 401 as status code diff --git a/lib/devise/hooks/timeoutable.rb b/lib/devise/hooks/timeoutable.rb index 140ea227..933e2c2f 100644 --- a/lib/devise/hooks/timeoutable.rb +++ b/lib/devise/hooks/timeoutable.rb @@ -17,6 +17,8 @@ Warden::Manager.after_set_user do |record, warden, options| end end - warden.session(scope)['last_request_at'] = Time.now.utc + unless warden.request.env['devise.skip_trackable'] + warden.session(scope)['last_request_at'] = Time.now.utc + end end end diff --git a/test/integration/timeoutable_test.rb b/test/integration/timeoutable_test.rb index 78ef3ab4..48e3de09 100644 --- a/test/integration/timeoutable_test.rb +++ b/test/integration/timeoutable_test.rb @@ -16,6 +16,15 @@ class SessionTimeoutTest < ActionController::IntegrationTest assert_not_equal old_last_request, last_request_at end + test 'set last request at in user session after each request is skipped if tracking is disabled' do + sign_in_as_user + old_last_request = last_request_at + assert_not_nil last_request_at + + get users_path, {}, 'devise.skip_trackable' => true + assert_equal old_last_request, last_request_at + end + test 'not time out user session before default limit time' do sign_in_as_user assert_response :success