From 9204c3efa4f3c591fa2f788e6c084df5b3aa1fb1 Mon Sep 17 00:00:00 2001 From: Gregor Schmidt Date: Mon, 16 Nov 2015 13:21:15 +0100 Subject: [PATCH] #10840 allow "stay logged in" from multiple browsers --- app/models/token.rb | 2 +- test/unit/token_test.rb | 18 ++++++++++-------- 2 files changed, 11 insertions(+), 9 deletions(-) diff --git a/app/models/token.rb b/app/models/token.rb index e458a92..7e436b9 100644 --- a/app/models/token.rb +++ b/app/models/token.rb @@ -80,7 +80,7 @@ class Token < ActiveRecord::Base def delete_previous_tokens if user scope = Token.where(:user_id => user.id, :action => action) - if action == 'session' + if action == 'session' || action == 'autologin' ids = scope.order(:updated_on => :desc).offset(9).ids if ids.any? Token.delete(ids) diff --git a/test/unit/token_test.rb b/test/unit/token_test.rb index 95559c5..e53a351 100644 --- a/test/unit/token_test.rb +++ b/test/unit/token_test.rb @@ -29,23 +29,25 @@ class TokenTest < ActiveSupport::TestCase def test_create_should_remove_existing_tokens user = User.find(1) - t1 = Token.create(:user => user, :action => 'autologin') - t2 = Token.create(:user => user, :action => 'autologin') + t1 = Token.create(:user => user, :action => 'register') + t2 = Token.create(:user => user, :action => 'register') assert_not_equal t1.value, t2.value assert !Token.exists?(t1.id) assert Token.exists?(t2.id) end - def test_create_session_token_should_keep_last_10_tokens + def test_create_autologin_or_session_token_should_keep_last_10_tokens Token.delete_all user = User.find(1) - assert_difference 'Token.count', 10 do - 10.times { Token.create!(:user => user, :action => 'session') } - end + ["autologin", "session"].each do |action| + assert_difference 'Token.count', 10 do + 10.times { Token.create!(:user => user, :action => action) } + end - assert_no_difference 'Token.count' do - Token.create!(:user => user, :action => 'session') + assert_no_difference 'Token.count' do + Token.create!(:user => user, :action => action) + end end end -- 2.5.3