Module: Devise::Models::SessionLimitable

Extended by:

ActiveSupport::Concern

Includes:

Compatibility

Defined in:

lib/devise-security/models/session_limitable.rb

Overview

SessionLimited ensures, that there is only one session usable per account at once. If someone logs in, and some other is logging in with the same credentials, the session from the first one is invalidated and not usable anymore. The first one is redirected to the sign page with a message, telling that someone used his credentials to sign in.

Instance Method Summary

• #update_unique_session_id!(unique_session_id) ⇒ void

  Update the unique_session_id on the model.

Instance Method Details

#update_unique_session_id!(unique_session_id) ⇒ void

This method returns an undefined value.

Update the unique_session_id on the model. This will be checked in the Warden after_set_user hook in session_limitable

Parameters:

• unique_session_id (String)

Raises:

• (Devise::Models::Compatibility::NotPersistedError) —

  if record is unsaved

# File 'lib/devise-security/models/session_limitable.rb', line 22

def update_unique_session_id!(unique_session_id)
  raise Devise::Models::Compatibility::NotPersistedError, 'cannot update a new record' unless persisted?
  update_attribute_without_validatons_or_callbacks(:unique_session_id, unique_session_id).tap do
    Rails.logger.debug { "[devise-security][session_limitable] unique_session_id=#{unique_session_id}"}
  end
end