author | Sorin Davidoi <sorin.davidoi@gmail.com> | 2017-06-23 18:50:53 +0200 |
---|---|---|
committer | Eugen Rochko <eugen@zeonfederated.com> | 2017-06-23 18:50:53 +0200 |
commit | 2211e8d1cd6eb97a8a04e24c1fea7031a201edb5 (patch) | |
tree | b235a97b1c0f73475449c2313823dc6d599f31bb /config/initializers/devise.rb | |
parent | 3783cadf2d7a2b7ace078d1d337645f53c190c69 (diff) |
Revocable sessions (#3616)
* feat: Revocable sessions * fix: Tests using sign_in * feat: Configuration entry for the maximum number of session activations
Diffstat (limited to 'config/initializers/devise.rb')
-rw-r--r-- | config/initializers/devise.rb | 16 |
1 files changed, 16 insertions, 0 deletions
diff --git a/config/initializers/devise.rb b/config/initializers/devise.rb
index 4754c2c8c..6d3a73ef6 100644
--- a/config/initializers/devise.rb
+++ b/config/initializers/devise.rb
@@ -1,3 +1,19 @@
+Warden::Manager.after_set_user except: :fetch do |user, warden|
+ SessionActivation.deactivate warden.raw_session['auth_id']
+ warden.raw_session['auth_id'] = user.activate_session
+end
+
+Warden::Manager.after_fetch do |user, warden|
+ unless user.session_active?(warden.raw_session['auth_id'])
+ warden.logout
+ throw :warden, message: :unauthenticated
+ end
+end
+
+Warden::Manager.before_logout do |_, warden|
+ SessionActivation.deactivate warden.raw_session['auth_id']
+end
+
 Devise.setup do |config|
 config.warden do |manager|
 manager.default_strategies(scope: :user).unshift :two_factor_authenticatable |
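Review bot: The three Warden hooks are registered for every scope, and `warden.logout` in `after_fetch` is called without a scope, so a failed session check clears all scopes. Since the `Devise.setup` block below only configures `scope: :user`, consider restricting them, e.g. `Warden::Manager.after_fetch scope: :user do |user, warden|` and `warden.logout(:user)`. The `after_fetch` check fails closed when `raw_session['auth_id']` is absent, which presumably signs out every session created before this deploy; that is a sound default for revocation but deserves a comment such as `# Sessions without an active auth_id are rejected, including ones created before this hook existed`. `SessionActivation.deactivate` is also called with a possibly nil `auth_id` on first sign-in; its handling of nil is not visible in this diff and is worth confirming.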