Class: Warden::SessionSerializer
- Inherits:
-
Object
- Object
- Warden::SessionSerializer
- Defined in:
- lib/devise_session_expirable/warden_extensions.rb
Overview
Each time the user record is fetched from a session, the record is consulted (via #session_expired?
) to determine if the last_request_at
time in the session is valid, or if the session should be considered as having timed out. If the session is deemed to have timed out, the record is disregarded.
Unlike the Devise timeoutable
module, devise_session_expirable does not support invalidation of authentication tokens from the devise token_authenticatable
module when a request with a valid authentication token is accompanied by an expired session.
Instance Method Summary collapse
Instance Method Details
#fetch(scope) ⇒ Object
15 16 17 18 19 20 21 22 23 24 |
# File 'lib/devise_session_expirable/warden_extensions.rb', line 15 def fetch(scope) key = session[key_for(scope)] return nil unless key method_name = "#{scope}_deserialize" user = respond_to?(method_name) ? send(method_name, key) : deserialize(key) user = nil unless valid_for_deserialization?(scope, user) delete(scope) unless user user end |