Sign out by default will destroy the existing session.

2010-10-10 16:45:55 +02:00 · 2010-10-10 16:45:55 +02:00 · e4c5158851
parent 7bc37e5237
commit e4c5158851
6 changed files with 9 additions and 19 deletions
--- a/app/controllers/devise/registrations_controller.rb
+++ b/app/controllers/devise/registrations_controller.rb
@ -47,8 +47,8 @@ class Devise::RegistrationsController < ApplicationController
  # DELETE /resource
  def destroy
    resource.destroy
-    set_flash_message :notice, :destroyed
    sign_out_and_redirect(self.resource)
+    set_flash_message :notice, :destroyed
  end

  # GET /resource/cancel
--- a/app/controllers/devise/sessions_controller.rb
+++ b/app/controllers/devise/sessions_controller.rb
@ -17,7 +17,8 @@ class Devise::SessionsController < ApplicationController

  # GET /resource/sign_out
  def destroy
-    set_flash_message :notice, :signed_out if signed_in?(resource_name)
+    signed_in = signed_in?(resource_name)
    sign_out_and_redirect(resource_name)
+    set_flash_message :notice, :signed_out if signed_in
  end
 end
--- a/lib/devise/controllers/helpers.rb
+++ b/lib/devise/controllers/helpers.rb
@ -128,13 +128,10 @@ module Devise
      end

      # Sign out all active users or scopes. This helper is useful for signing out all roles
-      # in one click.
+      # in one click. This signs out ALL scopes in warden.
      def sign_out_all_scopes
-        # Not "warden.logout" since we need to sign_out only devise-defined scopes.
-        scopes = Devise.mappings.keys
-        scopes.each { |scope| warden.user(scope) }
        warden.raw_session.inspect
-        warden.logout(*scopes)
+        warden.logout
      end

      # Returns and delete the url stored in the session for the given scope. Useful
--- a/lib/devise/rails.rb
+++ b/lib/devise/rails.rb
@ -47,7 +47,7 @@ module Devise
      else
        puts "[DEVISE] You are using #{Devise.encryptor} as encryptor. From version 1.2, " <<
          "you need to explicitly add `devise :encryptable, :encryptor => #{Devise.encryptor.to_sym}` " <<
-          "to your models and comment the value in the config/initializers/devise.rb."
+          "to your models and comment the current value in the config/initializers/devise.rb"
      end
    end

--- a/lib/devise/rails/warden_compat.rb
+++ b/lib/devise/rails/warden_compat.rb
@ -4,8 +4,7 @@ module Warden::Mixins::Common
  end

  def reset_session!
-    raw_session.inspect # why do I have to inspect it to get it to clear?
-    raw_session.clear
+    request.reset_session
  end

  def cookies
--- a/test/controllers/helpers_test.rb
+++ b/test/controllers/helpers_test.rb
@ -120,11 +120,7 @@ class ControllerAuthenticableTest < ActionController::TestCase
  end

  test 'sign out everybody proxy to logout on warden' do
-    Devise.mappings.keys.each { |scope|
-      @mock_warden.expects(:user).with(scope).returns(true)
-    }
-
-    @mock_warden.expects(:logout).with(*Devise.mappings.keys).returns(true)
+    @mock_warden.expects(:logout).with().returns(true)
    @controller.sign_out_all_scopes
  end

@ -196,10 +192,7 @@ class ControllerAuthenticableTest < ActionController::TestCase

  test 'sign out and redirect uses the configured after sign out path when signing out all scopes' do
    swap Devise, :sign_out_all_scopes => true do
-      Devise.mappings.keys.each do |scope| # :user, :admin, :manager
-        @mock_warden.expects(:user).with(scope)
-      end
-      @mock_warden.expects(:logout).returns(true)
+      @mock_warden.expects(:logout).with().returns(true)
      @controller.expects(:redirect_to).with(admin_root_path)
      @controller.instance_eval "def after_sign_out_path_for(resource); admin_root_path; end"
      @controller.sign_out_and_redirect(:admin)