Warden::Manager.after_set_user except: :fetch do |user, warden, _| UserSession

1. Warden::Manager.after_set_user except: :fetch do |user, warden, _|
2. UserSession.deactivate(warden.raw_session['auth_id'])
3. warden.raw_session['auth_id'] = user.activate_session(
4. ip: warden.request.ip,
5. user_agent: warden.request.user_agent
6. )
7. end
8.  
9. # After fetching a user from the session, we check that the session is marked
10. # as active for that user. If it’s not we log the user out.
11. Warden::Manager.after_fetch do |user, warden, _|
12. unless user.session_active?(warden.raw_session['auth_id'])
13. warden.logout
14. throw :warden, message: :unauthenticated
15. end
16. end
17.  
18. def sign_in(resource, *opts)
19. super(resource, *opts)
20. warden.set_user(resource, {})
21. end