Module: Devise::Models::SessionLimitable
- Extended by:
- ActiveSupport::Concern
- Includes:
- Compatibility
- Defined in:
- lib/devise-security/models/session_limitable.rb
Overview
SessionLimited ensures, that there is only one session usable per account at once. If someone logs in, and some other is logging in with the same credentials, the session from the first one is invalidated and not usable anymore. The first one is redirected to the sign page with a message, telling that someone used his credentials to sign in.
Instance Method Summary collapse
-
#skip_session_limitable? ⇒ Boolean, false
Should session_limitable be skipped for this instance?.
-
#update_unique_session_id!(unique_session_id) ⇒ void
Update the unique_session_id on the model.
Instance Method Details
#skip_session_limitable? ⇒ Boolean, false
Should session_limitable be skipped for this instance?
33 34 35 |
# File 'lib/devise-security/models/session_limitable.rb', line 33 def skip_session_limitable? false end |
#update_unique_session_id!(unique_session_id) ⇒ void
This method returns an undefined value.
Update the unique_session_id on the model. This will be checked in the Warden after_set_user hook in session_limitable
22 23 24 25 26 27 28 |
# File 'lib/devise-security/models/session_limitable.rb', line 22 def update_unique_session_id!(unique_session_id) raise Devise::Models::Compatibility::NotPersistedError, 'cannot update a new record' unless persisted? update_attribute_without_validatons_or_callbacks(:unique_session_id, unique_session_id).tap do Rails.logger.debug { "[devise-security][session_limitable] unique_session_id=#{unique_session_id}" } end end |