Skip to content
This repository
Newer
Older
100644 139 lines (122 sloc) 5.391 kb
605162d3 » yourewelcome
2009-03-20 Release v2.0 RC1
1 module Authlogic
2 module ActsAsAuthentic
3 # This is one of my favorite features that I think is pretty cool. It's things like this that make a library great
4 # and let you know you are on the right track.
5 #
6 # Just to clear up any confusion, Authlogic stores both the record id and the persistence token in the session.
7 # Why? So stale sessions can not be persisted. It stores the id so it can quickly find the record, and the
9be1f268 » yourewelcome
2009-03-26 Added validates_uniqueness_of_login_field_options and validates_uniqu…
8 # persistence token to ensure no sessions are stale. So if the persistence token changes, the user must log
605162d3 » yourewelcome
2009-03-20 Release v2.0 RC1
9 # back in.
10 #
11 # Well, the persistence token changes with the password. What happens if the user changes his own password?
12 # He shouldn't have to log back in, he's the one that made the change.
13 #
14 # That being said, wouldn't it be nice if their session and cookie information was automatically updated?
15 # Instead of cluttering up your controller with redundant session code. The same thing goes for new
16 # registrations.
17 #
18 # That's what this module is all about. This will automatically maintain the cookie and session values as
19 # records are saved.
20 module SessionMaintenance
78f5befa » yourewelcome
2009-03-23 Restructure configuration for acts_as_authentic
21 def self.included(klass)
22 klass.class_eval do
23 extend Config
24 add_acts_as_authentic_module(Methods)
25 end
26 end
27
605162d3 » yourewelcome
2009-03-20 Release v2.0 RC1
28 module Config
750f4d7a » yourewelcome
2009-04-23 * Add a maintain_sessions configuration option to Authlogic::ActsAsAu…
29 # This is more of a convenience method. In order to turn off automatic maintenance of sessions just
30 # set this to false, or you can also set the session_ids method to a blank array. Both accomplish
31 # the same thing. This method is a little clearer in it's intentions though.
32 #
33 # * <tt>Default:</tt> true
34 # * <tt>Accepts:</tt> Boolean
35 def maintain_sessions(value = nil)
1ba948ec » yourewelcome
2009-05-08 * Changed config() convenience method to rw_config() to be more descr…
36 rw_config(:maintain_sessions, value, true)
750f4d7a » yourewelcome
2009-04-23 * Add a maintain_sessions configuration option to Authlogic::ActsAsAu…
37 end
38 alias_method :maintain_sessions=, :maintain_sessions
39
605162d3 » yourewelcome
2009-03-20 Release v2.0 RC1
40 # As you may know, authlogic sessions can be separate by id (See Authlogic::Session::Base#id). You can
41 # specify here what session ids you want auto maintained. By default it is the main session, which has
42 # an id of nil.
43 #
44 # * <tt>Default:</tt> [nil]
45 # * <tt>Accepts:</tt> Array
46 def session_ids(value = nil)
1ba948ec » yourewelcome
2009-05-08 * Changed config() convenience method to rw_config() to be more descr…
47 rw_config(:session_ids, value, [nil])
605162d3 » yourewelcome
2009-03-20 Release v2.0 RC1
48 end
49 alias_method :session_ids=, :session_ids
50
51 # The name of the associated session class. This is inferred by the name of the model.
52 #
53 # * <tt>Default:</tt> "#{klass.name}Session".constantize
54 # * <tt>Accepts:</tt> Class
55 def session_class(value = nil)
9be1f268 » yourewelcome
2009-03-26 Added validates_uniqueness_of_login_field_options and validates_uniqu…
56 const = "#{base_class.name}Session".constantize rescue nil
1ba948ec » yourewelcome
2009-05-08 * Changed config() convenience method to rw_config() to be more descr…
57 rw_config(:session_class, value, const)
605162d3 » yourewelcome
2009-03-20 Release v2.0 RC1
58 end
59 alias_method :session_class=, :session_class
60 end
61
62 module Methods
63 def self.included(klass)
64 klass.class_eval do
65 before_save :get_session_information, :if => :update_sessions?
66 before_save :maintain_sessions, :if => :update_sessions?
67 end
68 end
69
70 # Save the record and skip session maintenance all together.
71 def save_without_session_maintenance(*args)
72 self.skip_session_maintenance = true
73 result = save(*args)
74 self.skip_session_maintenance = false
75 result
76 end
77
78 private
79 def skip_session_maintenance=(value)
80 @skip_session_maintenance = value
81 end
82
83 def skip_session_maintenance
84 @skip_session_maintenance ||= false
85 end
86
87 def update_sessions?
750f4d7a » yourewelcome
2009-04-23 * Add a maintain_sessions configuration option to Authlogic::ActsAsAu…
88 !skip_session_maintenance && session_class && session_class.activated? && self.class.maintain_sessions == true && !session_ids.blank? && persistence_token_changed?
605162d3 » yourewelcome
2009-03-20 Release v2.0 RC1
89 end
90
91 def get_session_information
92 # Need to determine if we are completely logged out, or logged in as another user
93 @_sessions = []
94
78f5befa » yourewelcome
2009-03-23 Restructure configuration for acts_as_authentic
95 session_ids.each do |session_id|
96 session = session_class.find(session_id, self)
605162d3 » yourewelcome
2009-03-20 Release v2.0 RC1
97 @_sessions << session if session && session.record
98 end
99 end
100
101 def maintain_sessions
102 if @_sessions.empty?
103 create_session
104 else
105 update_sessions
106 end
107 end
108
109 def create_session
110 # We only want to automatically login into the first session, since this is the main session. The other sessions are sessions
111 # that need to be created after logging into the main session.
78f5befa » yourewelcome
2009-03-23 Restructure configuration for acts_as_authentic
112 session_id = session_ids.first
90789014 » yourewelcome
2009-03-23 Dont save sessions with a ! during automatic session maintenance
113 session_class.create(*[self, self, session_id].compact)
605162d3 » yourewelcome
2009-03-20 Release v2.0 RC1
114
115 return true
116 end
117
118 def update_sessions
119 # We found sessions above, let's update them with the new info
120 @_sessions.each do |stale_session|
121 next if stale_session.record != self
122 stale_session.unauthorized_record = self
123 stale_session.save
124 end
125
126 return true
127 end
78f5befa » yourewelcome
2009-03-23 Restructure configuration for acts_as_authentic
128
129 def session_ids
130 self.class.session_ids
131 end
132
133 def session_class
134 self.class.session_class
135 end
605162d3 » yourewelcome
2009-03-20 Release v2.0 RC1
136 end
137 end
138 end
139 end
Something went wrong with that request. Please try again.