问题
I'm using Authlogic to manage the sessions in my application.
However, by default, authlogic allows a user to be logged in many times from different computers.
I don't want that (the user pays to get access and I want to avoid users sharing their accounts).
Looking in the Authlogic documentation, I've found about the perishable_token. But when trying to implement it, I just get an error saying the persistence_token is required (when it shouldn't be as I use the perishable one).
How would you do this using the Authlogic's features ?
Thanks :)
回答1:
Ok so the perishable token was absolutely not the right path ;)
We "just" need to reset the persistence token every time a user logs in or logs out. With this in my UserSession model, every user gets logged off from any other session when logging in.
class UserSession < Authlogic::Session::Base
before_destroy :reset_persistence_token
before_create :reset_persistence_token
def reset_persistence_token
record.reset_persistence_token
end
end
来源:https://stackoverflow.com/questions/2279248/authlogic-and-multiple-sessions-for-the-same-user