Module: Authlogic::ActsAsAuthentic::SessionMaintenance
- Defined in:
- lib/authlogic/acts_as_authentic/session_maintenance.rb
Overview
This is one of my favorite features that I think is pretty cool. It’s things like this that make a library great and let you know you are on the right track.
Just to clear up any confusion, Authlogic stores both the record id and the persistence token in the session. Why? So stale sessions can not be persisted. It stores the id so it can quickly find the record, and the persistence token to ensure no sessions are stale. So if the persistence token changes, the user must log back in.
Well, the persistence token changes with the password. What happens if the user changes his own password? He shouldn’t have to log back in, he’s the one that made the change.
That being said, wouldn’t it be nice if their session and cookie information was automatically updated? Instead of cluttering up your controller with redundant session code. The same thing goes for new registrations.
That’s what this module is all about. This will automatically maintain the cookie and session values as records are saved.