0001-10840-allow-stay-logged-in-from-multiple-browsers.patch

simplest thing (that could possibly work) - Gregor Schmidt, 2015-11-16 13:51

Download (2.19 KB)

View differences:

app/models/token.rb
80 80
  def delete_previous_tokens
81 81
    if user
82 82
      scope = Token.where(:user_id => user.id, :action => action)
83
      if action == 'session'
83
      if action == 'session' || action == 'autologin'
84 84
        ids = scope.order(:updated_on => :desc).offset(9).ids
85 85
        if ids.any?
86 86
          Token.delete(ids)
test/unit/token_test.rb
29 29

  
30 30
  def test_create_should_remove_existing_tokens
31 31
    user = User.find(1)
32
    t1 = Token.create(:user => user, :action => 'autologin')
33
    t2 = Token.create(:user => user, :action => 'autologin')
32
    t1 = Token.create(:user => user, :action => 'register')
33
    t2 = Token.create(:user => user, :action => 'register')
34 34
    assert_not_equal t1.value, t2.value
35 35
    assert !Token.exists?(t1.id)
36 36
    assert  Token.exists?(t2.id)
37 37
  end
38 38

  
39
  def test_create_session_token_should_keep_last_10_tokens
39
  def test_create_autologin_or_session_token_should_keep_last_10_tokens
40 40
    Token.delete_all
41 41
    user = User.find(1)
42 42

  
43
    assert_difference 'Token.count', 10 do
44
      10.times { Token.create!(:user => user, :action => 'session') }
45
    end
43
    ["autologin", "session"].each do |action|
44
      assert_difference 'Token.count', 10 do
45
        10.times { Token.create!(:user => user, :action => action) }
46
      end
46 47

  
47
    assert_no_difference 'Token.count' do
48
      Token.create!(:user => user, :action => 'session')
48
      assert_no_difference 'Token.count' do
49
        Token.create!(:user => user, :action => action)
50
      end
49 51
    end
50 52
  end
51 53

  
52
-