Cleaned up session maintenance

jqr · Mar 2, 2009 · 553c6f6 · 553c6f6
1 parent 495e95e
commit 553c6f6
Show file tree

Hide file tree

Showing 2 changed files with 8 additions and 12 deletions.
diff --git a/README.rdoc b/README.rdoc
@@ -489,9 +489,11 @@ You can also checkout the authlogic_example application (see helpful links above
 
 == Deployment
 
-When deploying your application to Apache and Passenger/mod_rails you should use Rails' ActiveRecord session store. Other Rails session systems can be problematic and give you unexpected results (like not being able to logout). 
+If you are having problems with your sessions, right now there is a bug with Rails sessions using cookie store. Checkout the comments on this commit: http://github.com/binarylogic/authlogic/commit/495e95e5a2f724e6f1e339c4871168c6c5e6a7ca
 
-AuthLogic has proven itself in different and complex production environments using the ActiveRecord session store.
+As a temporary fix, you should use Rails' ActiveRecord session store. Authlogic just leverages the Rails' session system, it doesn't do anything tricky, or anything you wouldn't do in your controller.
+
+Regardless, once a fix is released this will be a non issue.
 
 == Framework agnostic (Rails, Merb, etc.)
 

diff --git a/lib/authlogic/orm_adapters/active_record_adapter/acts_as_authentic/session_maintenance.rb b/lib/authlogic/orm_adapters/active_record_adapter/acts_as_authentic/session_maintenance.rb
@@ -36,21 +36,17 @@ def update_sessions?
                 def get_session_information
                   # Need to determine if we are completely logged out, or logged in as another user
                   @_sessions = []
-                  @_logged_out = true
           
                   #{options[:session_ids].inspect}.each do |session_id|
                     session = #{options[:session_class]}.find(session_id, self)
-                    if session && !session.record.blank?
-                      @_logged_out = false
-                      @_sessions << session if session.record == self
-                    end
+                    @_sessions << session if session && session.record && session.record == self
                   end
                 end
         
                 def maintain_sessions!
-                  if @_logged_out
+                  if @_sessions.empty?
                     create_session!
-                  elsif !@_sessions.blank?
+                  else
                     update_sessions!
                   end
                 end
@@ -59,9 +55,7 @@ def create_session!
                   # We only want to automatically login into the first session, since this is the main session. The other sessions are sessions
                   # that need to be created after logging into the main session.
                   session_id = #{options[:session_ids].inspect}.first
-                   
-                  # Log me in, only if we aren't already logged in
-                  #{options[:session_class]}.create(*[self, self, session_id].compact) if !#{options[:session_class]}.find(session_id, self)
+                  #{options[:session_class]}.create(*[self, self, session_id].compact)
                 end
         
                 def update_sessions!