Class: Warden::SessionSerializer

Inherits:

Object

• Object
• Warden::SessionSerializer

Defined in:

lib/devise_session_expirable/warden_extensions.rb

Overview

Each time the user record is fetched from a session, the record is consulted (via #session_expired?) to determine if the last_request_at time in the session is valid, or if the session should be considered as having timed out. If the session is deemed to have timed out, the record is disregarded.

Unlike the Devise timeoutable module, devise_session_expirable does not support invalidation of authentication tokens from the devise token_authenticatable module when a request with a valid authentication token is accompanied by an expired session.

Instance Method Summary

• #fetch(scope) ⇒ Object

Instance Method Details

#fetch(scope) ⇒ Object

# File 'lib/devise_session_expirable/warden_extensions.rb', line 15

def fetch(scope)
  key = session[key_for(scope)]
  return nil unless key

  method_name = "#{scope}_deserialize"
  user = respond_to?(method_name) ? send(method_name, key) : deserialize(key)
  user = nil unless valid_for_deserialization?(scope, user)
  delete(scope) unless user
  user
end