停止设计清算会话 [英] Stop Devise from clearing session
问题描述
当用户通过标准Devise控制器注销时,Devise会破坏整个会话存储,而不仅仅是自己的数据。有没有办法避免这种行为?我有其他无关紧要的数据应该保留下来。
It seems when a user logs out via standard Devise controllers, Devise destroys the entire session store, not just its own data. Is there any way to avoid this behavior? I have other irrelevant data that should be kept around.
session[:my_var] = "123"
通过设计注销...
puts session[:my_var]
# => nil
推荐答案
destroy
¹方法
SessionsController
包含以下行:
signed_out = Devise.sign_out_all_scopes ? sign_out : sign_out(resource_name)
sign_out_all_scopes
²方法调用 warden.logout
没有任何参数,而 sign_out
³方法调用监护人。注销(范围)
。
The sign_out_all_scopes
² method calls warden.logout
without any arguments, and the sign_out
³ method calls warden.logout(scope)
.
注销的文档
⁴方法说明: / p>
The documentation of the logout
⁴ method states:
# Logout everyone and clear the session
env['warden'].logout
# Logout the default user but leave the rest of the session alone
env['warden'].logout(:default)
结论: sign_out
应该在给定具体范围时保留会话。但是,我没有看到任何办法。首先调用 sign_out_all_scopes
始终,如果无法登录,则只返回 false
任何用户出来。
Conclusion: sign_out
should preserve the session when given a specific scope. However, I don't see any way to do that. sign_out_all_scopes
is always called first, and will only return false
if it couldn't log any user out.
我建议发布他们的问题跟踪器上的功能请求或开发自己的身份验证解决方案。 Rails现在提供了 has_secure_password
,而这些日子,为了避免遇到这些问题,人们似乎要去做。
I recommend either posting a feature request on their issue tracker or developing your own authentication solution. Rails now provides has_secure_password
, and these days people seem to be going for the latter in order to avoid running into these problems.
¹ Devise :: SessionsController#destroy
² Devise :: Controllers :: Helpers#sign_out_all_scopes
这篇关于停止设计清算会话的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!