Sessions not destroying #247

Closed
benmoss opened this Issue Apr 22, 2011 · 0 comments

Comments

Projects
None yet
1 participant

benmoss commented Apr 22, 2011

I am using Authlogic 2.1.6 and the boilerplate current_user & current_user_session methods in the tutorial.

https://gist.github.com/937368

Using HTTParty, I hit up user_session#create. I get back my user_credentials and Rails session headers, which I set my client to use.

Then I hit user_session#destroy, which gives me a user_credentials header of '' and a new Rails session. I ignore this.

Then I hit user_session#show, and it recognizes me as still being a current_user. Does anyone have any idea what's going on? Shouldn't destroy invalidate those credentials?

benmoss closed this Apr 26, 2011

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment