Actually I want to reset_session of a particular user to make sure he is logged out on any other system he used before before logging on current one. -- Posted via http://www.ruby-forum.com/. --~--~---------~--~----~------------~-------~--~----~ You received this message because you are subscribed to the Google Groups "Ruby on Rails: Talk" group. To post to this group, send email to rubyonrails-talk-/JYPxA39Uh5TLH3MbocFFw@public.gmane.org To unsubscribe from this group, send email to rubyonrails-talk-unsubscribe-/JYPxA39Uh5TLH3MbocFFw@public.gmane.org For more options, visit this group at http://groups.google.com/group/rubyonrails-talk?hl=en -~----------~----~----~----~------~----~------~--~---
Vapor .. wrote:> Actually I want to reset_session of a particular user to make sure he is > logged out on any other system he used before before logging on current > one.So what is your question? Why not just use reset_session? jp -- Posted via http://www.ruby-forum.com/. --~--~---------~--~----~------------~-------~--~----~ You received this message because you are subscribed to the Google Groups "Ruby on Rails: Talk" group. To post to this group, send email to rubyonrails-talk-/JYPxA39Uh5TLH3MbocFFw@public.gmane.org To unsubscribe from this group, send email to rubyonrails-talk-unsubscribe-/JYPxA39Uh5TLH3MbocFFw@public.gmane.org For more options, visit this group at http://groups.google.com/group/rubyonrails-talk?hl=en -~----------~----~----~----~------~----~------~--~---
Jeff Pritchard wrote:> So what is your question? Why not just use reset_session? > > jpthe problem is that user can access website from many workstations. I want to make sure that before user logs in, his previous session on any workstation expires (like facebook). if I write reset_session in login part of controller before User.authenticate, would it work? I am not quite sure because user has not logged in yet and there is no mentioning of which user it is going to reset session of. -- Posted via http://www.ruby-forum.com/. --~--~---------~--~----~------------~-------~--~----~ You received this message because you are subscribed to the Google Groups "Ruby on Rails: Talk" group. To post to this group, send email to rubyonrails-talk-/JYPxA39Uh5TLH3MbocFFw@public.gmane.org To unsubscribe from this group, send email to rubyonrails-talk-unsubscribe-/JYPxA39Uh5TLH3MbocFFw@public.gmane.org For more options, visit this group at http://groups.google.com/group/rubyonrails-talk?hl=en -~----------~----~----~----~------~----~------~--~---
I am accomplishing this by storing the session_id in the user model. When a user logs in I update the user model with the current session_id. Then I have a before filter in the application.rb that checks that the session_id stored in the user model matches the current session_id. If it does not, the user gets logged out and a friendly error message telling them they logged in somewhere else. The current session id can be accessed with session.session_id On Nov 5, 2:38 pm, "Vapor .." <rails-mailing-l...-ARtvInVfO7ksV2N9l4h3zg@public.gmane.org> wrote:> Jeff Pritchard wrote: > > So what is your question? Why not just use reset_session? > > > jp > > the problem is that user can access website from many workstations. I > want to make sure that before user logs in, his previous session on any > workstation expires (like facebook). > if I write reset_session in login part of controller before > User.authenticate, would it work? I am not quite sure because user has > not logged in yet and there is no mentioning of which user it is going > to reset session of. > -- > Posted viahttp://www.ruby-forum.com/.--~--~---------~--~----~------------~-------~--~----~ You received this message because you are subscribed to the Google Groups "Ruby on Rails: Talk" group. To post to this group, send email to rubyonrails-talk-/JYPxA39Uh5TLH3MbocFFw@public.gmane.org To unsubscribe from this group, send email to rubyonrails-talk-unsubscribe-/JYPxA39Uh5TLH3MbocFFw@public.gmane.org For more options, visit this group at http://groups.google.com/group/rubyonrails-talk?hl=en -~----------~----~----~----~------~----~------~--~---
Using reset_session will only reset the session for the current client computer. On Nov 5, 2:38 pm, "Vapor .." <rails-mailing-l...-ARtvInVfO7ksV2N9l4h3zg@public.gmane.org> wrote:> Jeff Pritchard wrote: > > So what is your question? Why not just use reset_session? > > > jp > > the problem is that user can access website from many workstations. I > want to make sure that before user logs in, his previous session on any > workstation expires (like facebook). > if I write reset_session in login part of controller before > User.authenticate, would it work? I am not quite sure because user has > not logged in yet and there is no mentioning of which user it is going > to reset session of. > -- > Posted viahttp://www.ruby-forum.com/.--~--~---------~--~----~------------~-------~--~----~ You received this message because you are subscribed to the Google Groups "Ruby on Rails: Talk" group. To post to this group, send email to rubyonrails-talk-/JYPxA39Uh5TLH3MbocFFw@public.gmane.org To unsubscribe from this group, send email to rubyonrails-talk-unsubscribe-/JYPxA39Uh5TLH3MbocFFw@public.gmane.org For more options, visit this group at http://groups.google.com/group/rubyonrails-talk?hl=en -~----------~----~----~----~------~----~------~--~---
You can either reset_session the moment someone reaches your login page or just after defining your login method reset the session but this will also clear any session which you might want to have before a user logs in ie the url user tried to access. On Nov 5, 7:38 pm, "Vapor .." <rails-mailing-l...-ARtvInVfO7ksV2N9l4h3zg@public.gmane.org> wrote:> Jeff Pritchard wrote: > > So what is your question? Why not just use reset_session? > > > jp > > the problem is that user can access website from many workstations. I > want to make sure that before user logs in, his previous session on any > workstation expires (like facebook). > if I write reset_session in login part of controller before > User.authenticate, would it work? I am not quite sure because user has > not logged in yet and there is no mentioning of which user it is going > to reset session of. > -- > Posted viahttp://www.ruby-forum.com/.--~--~---------~--~----~------------~-------~--~----~ You received this message because you are subscribed to the Google Groups "Ruby on Rails: Talk" group. To post to this group, send email to rubyonrails-talk-/JYPxA39Uh5TLH3MbocFFw@public.gmane.org To unsubscribe from this group, send email to rubyonrails-talk-unsubscribe-/JYPxA39Uh5TLH3MbocFFw@public.gmane.org For more options, visit this group at http://groups.google.com/group/rubyonrails-talk?hl=en -~----------~----~----~----~------~----~------~--~---