停止设计清算会话 [英] Stop Devise from clearing session

问题描述

当用户通过标准Devise控制器注销时，Devise会破坏整个会话存储，而不仅仅是自己的数据。有没有办法避免这种行为？我有其他无关紧要的数据应该保留下来。

It seems when a user logs out via standard Devise controllers, Devise destroys the entire session store, not just its own data. Is there any way to avoid this behavior? I have other irrelevant data that should be kept around.

session[:my_var] = "123"

通过设计注销...

puts session[:my_var]
# => nil

推荐答案

destroy ¹方法 SessionsController 包含以下行：

signed_out = Devise.sign_out_all_scopes ? sign_out : sign_out(resource_name)

sign_out_all_scopes ²方法调用 warden.logout 没有任何参数，而 sign_out ³方法调用监护人。注销（范围）。

The sign_out_all_scopes² method calls warden.logout without any arguments, and the sign_out³ method calls warden.logout(scope).

注销的文档⁴方法说明： / p>

The documentation of the logout⁴ method states:

# Logout everyone and clear the session
env['warden'].logout

# Logout the default user but leave the rest of the session alone
env['warden'].logout(:default)

结论： sign_out 应该在给定具体范围时保留会话。但是，我没有看到任何办法。首先调用 sign_out_all_scopes 始终，如果无法登录，则只返回 false 任何用户出来。

Conclusion: sign_out should preserve the session when given a specific scope. However, I don't see any way to do that. sign_out_all_scopes is always called first, and will only return false if it couldn't log any user out.

我建议发布他们的问题跟踪器上的功能请求或开发自己的身份验证解决方案。 Rails现在提供了 has_secure_password ，而这些日子，为了避免遇到这些问题，人们似乎要去做。

I recommend either posting a feature request on their issue tracker or developing your own authentication solution. Rails now provides has_secure_password, and these days people seem to be going for the latter in order to avoid running into these problems.

¹ Devise :: SessionsController＃destroy

² Devise :: Controllers :: Helpers＃sign_out_all_scopes

³ Devise ::控制器::帮助者＃sign_out

⁴ Warden :: Proxy＃logout

这篇关于停止设计清算会话的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！