Module: Authlogic::ORMAdapters::ActiveRecordAdapter::ActsAsAuthentic::SessionMaintenance

Defined in:
lib/authlogic/orm_adapters/active_record_adapter/acts_as_authentic/session_maintenance.rb

Overview

Session Maintenance

Responsible for maintaining the related session as the record changes. Here is what it does:

  1. If the user is logged out and creates a new record, they will be logged in as that record

  2. If the user is logged out and changes a record’s password, they will be logged in as that record

  3. If a user is logged in and changes his own password, their session will be updated accordingly. This can be done anywhere: the my account section, admin area, etc.

Instance Methods

  • save_without_session_maintenance - allows you to save the record and skip all of the session maintenance completely

Instance Method Summary collapse

Instance Method Details

#acts_as_authentic_with_session_maintenance(options = {}) ⇒ Object 



17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
 
# File 'lib/authlogic/orm_adapters/active_record_adapter/acts_as_authentic/session_maintenance.rb', line 17

def acts_as_authentic_with_session_maintenance(options = {})
  acts_as_authentic_without_session_maintenance(options)

  before_save :get_session_information, :if => :update_sessions?
  after_save :maintain_sessions!, :if => :update_sessions?

  class_eval <<-"end_eval", __FILE__, __LINE__
    def save_without_session_maintenance(*args)
      @skip_session_maintenance = true
      result = save(*args)
      @skip_session_maintenance = false
      result
    end
  
    protected
      def update_sessions?
        !@skip_session_maintenance && #{options[:session_class]}.activated? && !#{options[:session_ids].inspect}.blank? && #{options[:persistence_token_field]}_changed?
      end
  
      def get_session_information
        # Need to determine if we are completely logged out, or logged in as another user
        @_sessions = []
        @_logged_out = true

        #{options[:session_ids].inspect}.each do |session_id|
          session = #{options[:session_class]}.find(*[session_id].compact)
          if session
            if !session.record.blank?
              @_logged_out = false
              @_sessions << session if session.record == self
            end
          end
        end
      end
        
      def maintain_sessions!
        if @_logged_out
          create_session!
        elsif !@_sessions.blank?
          update_sessions!
        end
      end
        
      def create_session!
        # We only want to automatically login into the first session, since this is the main session. The other sessions are sessions
        # that need to be created after logging into the main session.
        session_id = #{options[:session_ids].inspect}.first

        # If we are already logged in, ignore this completely. All that we care about is updating ourself.
        next if #{options[:session_class]}.find(*[session_id].compact)
              
        # Log me in
        args = [self, session_id].compact
        #{options[:session_class]}.create(*args)
      end
        
      def update_sessions!
        # We found sessions above, let's update them with the new info
        @_sessions.each do |stale_session|
          stale_session.unauthorized_record = self
          stale_session.save
        end
      end
  end_eval
end