Commit ca229eea
Changed files (3)
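--- a/app/controllers/application_controller.rb
+++ b/app/controllers/application_controller.rb
@@ -4,10 +4,11 @@ class ApplicationController < ActionController::Base
 protect_from_forgery with: :exception
 before_filter :load_header
 before_filter :configure_permitted_parameters, if: :devise_controller?
+ before_filter :extend_session_cookie
 helper_method :current_user, :user_signed_in?
 def user_session(session_key = cookies.signed[:cookie_monster])
- UserSession.authenticate(session_key)
+ @user_session ||= UserSession.authenticate(session_key)
 end
 def current_user
@@ -36,4 +37,8 @@ class ApplicationController < ActionController::Base
 def authenticate!
 redirect_to new_session_path unless user_session
 end
+
+ def extend_session_cookie
+ cookies.signed[:cookie_monster] = user_session.access(request) if user_signed_in?
+ end
 end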
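Review bot: `extend_session_cookie` writes whatever `access` returns straight into the cookie, and the model hunk in this commit makes `access` return `{}` when `save` fails. As far as I can tell the Rails cookie jar takes `:value` from a hash argument, so a transient write failure would replace a valid session cookie with one that carries no session key and none of the `secure`/`httponly` attributes. `SessionsController#create` has the same unguarded assignment and would still redirect to the dashboard as if the login had succeeded. Guard both call sites, for example `attrs = user_session.access(request)` followed by `cookies.signed[:cookie_monster] = attrs if attrs.present?`. Separately, `@user_session ||=` ignores `session_key` after the first call, so a caller that passes a different key gets the cached session back; a comment stating that the memo is per-request and keyed to the cookie only would at least make that explicit.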
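--- a/app/controllers/sessions_controller.rb
+++ b/app/controllers/sessions_controller.rb
@@ -5,13 +5,7 @@ class SessionsController < ApplicationController
 def create
 if @session = UserSession.login(session_params[:username], session_params[:password])
- @session.access(request)
- cookies.signed[:cookie_monster] = {
- value: @session.key,
- secure: Rails.env.production? || Rails.env.staging?,
- httponly: true,
- expires: 2.weeks.from_now,
- }
+ cookies.signed[:cookie_monster] = @session.access(request)
 redirect_to my_dashboard_path
 else
 flash[:error] = "invalid credentials"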
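--- a/app/models/user_session.rb
+++ b/app/models/user_session.rb
@@ -12,7 +12,16 @@ class UserSession < ActiveRecord::Base
 self.accessed_at = Time.now
 self.ip = request.ip
 self.user_agent = request.user_agent
- save
+ if save
+ {
+ value: key,
+ secure: Rails.env.production? || Rails.env.staging?,
+ httponly: true,
+ expires: 2.weeks.from_now,
+ }
+ else
+ {}
+ end
 end
 private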
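Review bot: Because `access` is now reached from a before_filter on every signed-in request, `expires: 2.weeks.from_now` becomes a sliding window with no absolute cap visible in this hunk, so a copied cookie stays usable for as long as it is presented at least once a fortnight. The cookie expiry is only a client-side hint; the hunk records `accessed_at`, but nothing shown here rejects a stale key on the server, so it is worth confirming that `UserSession.authenticate` enforces an idle timeout from `accessed_at` and an absolute lifetime from a creation timestamp. A comment above the hash such as `# attributes for cookies.signed[]=; expiry is renewed on every access` would document the new return contract, including that `{}` means the save failed. `access` begins above the hunk, so its signature and any earlier checks are not visible here.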