Strategies for a single request #12

wants to merge 1 commit into


None yet
2 participants

sirlantis commented Sep 9, 2010

I found it odd that Devise's Token TokenAuthenticatable granted a permanent login - I expected it that it would authorize a single request only, not performing a permanent login. When I tried to create my own strategy I noticed that Warden had a set_user(user, :store => false) method, but there was no way to set the :store option from within a strategy.

I added a store? method to the base strategy (default: true) which you can let return false when implementing your own strategy to prevent saving to the session. Providing a :store option to set_user will always take precedence over store?.


This comment has been minimized.

Show comment
Hide comment

hassox Sep 9, 2010


Applied :D Thanks


hassox commented Sep 9, 2010

Applied :D Thanks

This issue was closed.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment