Where to override current_user helper method of devise gem

Question

How can i override current_user of devise gem. Actually I need to add web services for mobile-app.

Currently devise is managing session and \'current_

Answer 1

Assuming we can trust our session data (which relies on whether you put user input in there without proper authorization or not), this might work as a Concern:

module Concerns
  module ControllerWithImpersonation
    extend ActiveSupport::Concern

    included do
      helper_method :devise_current_user
    end

    def current_user
      if session[:impersonated_user_id].blank?
        devise_current_user
      else
        User.find(session[:impersonated_user_id])
      end
    end

    def devise_current_user
      @devise_current_user ||= warden.authenticate(:scope => :user)
    end

  end
end

I'm using this in a project for now.

A minor question (in the answer, sorry) ... should I be aware of any changes in Devise or Warden that make devise_current_user above outdated?