codeninjasllc/discourse
1
0
Fork 0
mirror of https://github.com/codeninjasllc/discourse.git synced 2025-04-25 05:23:36 -04:00
Code Issues Projects Releases Packages Wiki Activity Actions

correct breakage

Browse source 
don't set permanent cookie, kill session if it conflicts
This commit is contained in:
Sam Saffron 2013-02-24 22:56:08 +11:00
parent fd2e9a99bf
commit 47fedd8f4d
2 changed files with 6 additions and 4 deletions

4
app/models/user.rb
View file

@ -293,8 +293,8 @@ class User < ActiveRecord::Base
def update_ip_address!(new_ip_address)
if (ip_address != new_ip_address) and new_ip_address.present?
@current_user.ip_address = new_ip_address
@current_user.update_column(:ip_address, new_ip_address)
ip_address = new_ip_address
update_column(:ip_address, new_ip_address)
end
end

6
lib/current_user.rb
View file

@ -34,9 +34,11 @@ module CurrentUser
else
@current_user ||= User.where(id: session[:current_user_id]).first
# cookie recovery from session, we have been messing with it, fix it up
# I have flip flopped on this (sam), if our permanent cookie
# conflicts with our current session assume session is bust
# kill it
if @current_user && cookies["_t"] != @current_user.auth_token
set_permanent_cookie!(@current_user)
@current_user = nil
end
end