Feature #10840 » 0001-10840-allow-stay-logged-in-from-multiple-browsers.patch
| app/models/token.rb | ||
|---|---|---|
| 80 | 80 |
def delete_previous_tokens |
| 81 | 81 |
if user |
| 82 | 82 |
scope = Token.where(:user_id => user.id, :action => action) |
| 83 |
if action == 'session' |
|
| 83 |
if action == 'session' || action == 'autologin'
|
|
| 84 | 84 |
ids = scope.order(:updated_on => :desc).offset(9).ids |
| 85 | 85 |
if ids.any? |
| 86 | 86 |
Token.delete(ids) |
| test/unit/token_test.rb | ||
|---|---|---|
| 29 | 29 | |
| 30 | 30 |
def test_create_should_remove_existing_tokens |
| 31 | 31 |
user = User.find(1) |
| 32 |
t1 = Token.create(:user => user, :action => 'autologin')
|
|
| 33 |
t2 = Token.create(:user => user, :action => 'autologin')
|
|
| 32 |
t1 = Token.create(:user => user, :action => 'register')
|
|
| 33 |
t2 = Token.create(:user => user, :action => 'register')
|
|
| 34 | 34 |
assert_not_equal t1.value, t2.value |
| 35 | 35 |
assert !Token.exists?(t1.id) |
| 36 | 36 |
assert Token.exists?(t2.id) |
| 37 | 37 |
end |
| 38 | 38 | |
| 39 |
def test_create_session_token_should_keep_last_10_tokens |
|
| 39 |
def test_create_autologin_or_session_token_should_keep_last_10_tokens
|
|
| 40 | 40 |
Token.delete_all |
| 41 | 41 |
user = User.find(1) |
| 42 | 42 | |
| 43 |
assert_difference 'Token.count', 10 do |
|
| 44 |
10.times { Token.create!(:user => user, :action => 'session') }
|
|
| 45 |
end |
|
| 43 |
["autologin", "session"].each do |action| |
|
| 44 |
assert_difference 'Token.count', 10 do |
|
| 45 |
10.times { Token.create!(:user => user, :action => action) }
|
|
| 46 |
end |
|
| 46 | 47 | |
| 47 |
assert_no_difference 'Token.count' do |
|
| 48 |
Token.create!(:user => user, :action => 'session') |
|
| 48 |
assert_no_difference 'Token.count' do |
|
| 49 |
Token.create!(:user => user, :action => action) |
|
| 50 |
end |
|
| 49 | 51 |
end |
| 50 | 52 |
end |
| 51 | 53 | |