You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
Actually cause of this bug is not related to gem push. If I logged in in one browser and log in again in another browser using the same username & passwords, the login session in the first browser will be reset. Because identification of current_user is implemented using User#remember_token, which is a field in users table. If a 'new me' logged in, the older remember token will be replaced by the newer one. That is to say any user can only logged in at one place.
We don't really have to support login from multiple sessions, it will be lot of work.
I find log out on gem push particularly annoying, and want to fix just that. authenticate_with_api_key gets called on every api request which needs authentication.
It is signing in user on every api request. I can't think of any good reason to create a session on api call when we are sending api_key with all requests anyway. We can create an @api_user instead of sign_in and use it instead of current_user in api controllers.
Sign in to rubygems.org, push a gem using
gem push <some.gem>
. Reload rubygems.org in browser, user has been logged out.The text was updated successfully, but these errors were encountered: