codeninjasllc/discourse
Archived
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions

correct breakage

Browse source 
don't set permanent cookie, kill session if it conflicts
This commit is contained in:
Sam Saffron 2013-02-24 22:56:08 +11:00
parent fd2e9a99bf
commit 47fedd8f4d
2 changed files with 6 additions and 4 deletions

4
app/models/user.rb
View file

@ -293,8 +293,8 @@ class User < ActiveRecord::Base
def update_ip_address!(new_ip_address) def update_ip_address!(new_ip_address)
if (ip_address != new_ip_address) and new_ip_address.present? if (ip_address != new_ip_address) and new_ip_address.present?
@current_user.ip_address = new_ip_address ip_address = new_ip_address
@current_user.update_column(:ip_address, new_ip_address) update_column(:ip_address, new_ip_address)
end end
end end

6
lib/current_user.rb
View file

@ -34,9 +34,11 @@ module CurrentUser
else else
@current_user ||= User.where(id: session[:current_user_id]).first @current_user ||= User.where(id: session[:current_user_id]).first
# cookie recovery from session, we have been messing with it, fix it up # I have flip flopped on this (sam), if our permanent cookie
# conflicts with our current session assume session is bust
# kill it
if @current_user && cookies["_t"] != @current_user.auth_token if @current_user && cookies["_t"] != @current_user.auth_token
set_permanent_cookie!(@current_user) @current_user = nil
end end
end end