Advertisement
Not a member of Pastebin yet?
Sign Up,
it unlocks many cool features!
- Devise - Invalidate user session if the same user logs in from a different browser/machine
- #cmd: rails g migration add_sign_in_token_to_users
- #db/migration/######_add_sign_in_token_to_users.rb
- class AddSignInTokenToUsers < ActiveRecord::Migration
- def change
- add_column :users, :current_sign_in_token, :string
- end
- end
- #app/application_controller.rb
- class ApplicationController < ActionController::Base
- before_action :invalidate_simultaneous_user_session, :unless => Proc.new {|c| c.controller_name == 'sessions' and c.action_name = 'create' }
- def invalidate_simultaneous_user_session
- sign_out_and_redirect(current_user) if current_user && session[:sign_in_token] != current_user.current_sign_in_token
- end
- end
- #config/application.rb
- module Yourapp
- class Application < Rails::Application
- #add this
- Warden::Manager.after_authentication do |user, auth, opts|
- #auth.cookies - to access cookie
- token = Devise.friendly_token
- user.update_attribute :current_sign_in_token, token
- #session
- auth.env['rack.session'][:sign_in_token] = token
- end
- Warden::Manager.before_logout do |user, auth, opts|
- auth.env['rack.session'].delete :sign_in_token
- end
- end
- end
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement