author | Sorin Davidoi <sorin.davidoi@gmail.com> | 2017-06-23 18:50:53 +0200 |
---|---|---|
committer | Eugen Rochko <eugen@zeonfederated.com> | 2017-06-23 18:50:53 +0200 |
commit | 2211e8d1cd6eb97a8a04e24c1fea7031a201edb5 (patch) | |
tree | b235a97b1c0f73475449c2313823dc6d599f31bb /config/initializers | |
parent | 3783cadf2d7a2b7ace078d1d337645f53c190c69 (diff) |
Revocable sessions (#3616)
* feat: Revocable sessions * fix: Tests using sign_in * feat: Configuration entry for the maximum number of session activations
Diffstat (limited to 'config/initializers')
-rw-r--r-- | config/initializers/devise.rb | 16 | ||||
-rw-r--r-- | config/initializers/session_activations.rb | 5 |
2 files changed, 21 insertions, 0 deletions
diff --git a/config/initializers/devise.rb b/config/initializers/devise.rb
index 4754c2c8c..6d3a73ef6 100644
--- a/config/initializers/devise.rb
+++ b/config/initializers/devise.rb
@@ -1,3 +1,19 @@
+Warden::Manager.after_set_user except: :fetch do |user, warden|
+ SessionActivation.deactivate warden.raw_session['auth_id']
+ warden.raw_session['auth_id'] = user.activate_session
+end
+
+Warden::Manager.after_fetch do |user, warden|
+ unless user.session_active?(warden.raw_session['auth_id'])
+ warden.logout
+ throw :warden, message: :unauthenticated
+ end
+end
+
+Warden::Manager.before_logout do |_, warden|
+ SessionActivation.deactivate warden.raw_session['auth_id']
+end
+
 Devise.setup do |config|
 config.warden do |manager|
 manager.default_strategies(scope: :user).unshift :two_factor_authenticatable
diff --git a/config/initializers/session_activations.rb b/config/initializers/session_activations.rb
new file mode 100644
index 000000000..ff3efc852
--- /dev/null
+++ b/config/initializers/session_activations.rb
@@ -0,0 +1,5 @@
+# frozen_string_literal: true
+
+Rails.application.configure do
+ config.x.max_session_activations = ENV['MAX_SESSION_ACTIVATIONS'] || 10
+end |
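Review bot: The revocation check in the `after_fetch` hook only covers sessions restored from the session store; any other path that calls `set_user` (for example a remember-me re-authentication, if the app enables Devise's rememberable strategy — not visible in this hunk) runs the `after_set_user` hook instead and mints a fresh activation, so deactivating an activation may not keep that browser out until any long-lived remember token is invalidated too. That is worth confirming against the strategies configured further down in `Devise.setup`, which continues outside the hunk. In both the `after_set_user` and `before_logout` hooks `SessionActivation.deactivate` receives whatever `raw_session['auth_id']` holds, which is nil on a first sign-in or a fresh session; `deactivate` is defined outside this diff, so confirm it tolerates nil rather than raising. The three hooks carry no commentary; I would add above the first one: `# Bind the Warden session to a SessionActivation row so it can be revoked server-side: after_set_user issues a new activation on sign-in, after_fetch rejects a session whose activation was revoked, before_logout retires it.`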
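Review bot: `ENV['MAX_SESSION_ACTIVATIONS'] || 10` yields a String when the variable is set and an Integer otherwise, so whatever reads `config.x.max_session_activations` sees two different types; a deployment setting it to `"5"` would fail or mis-compare wherever an integer count is expected. Coerce once at the boundary: `config.x.max_session_activations = ENV.fetch('MAX_SESSION_ACTIVATIONS', 10).to_i`. A one-line comment above the setting naming what the limit bounds (presumably the number of concurrent activations a user may keep before older ones are retired — the consumer is not in this diff, so confirm) would save the next reader a search.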