4

我正在使用 devise (1.5.3) 和warden (1.1.1),我不需要在用户登录/注册后更新 session_id

https://github.com/hassox/warden/blob/master/lib/warden/proxy.rb#L160

  if opts[:store] != false && opts[:event] != :fetch
    options = env[ENV_SESSION_OPTIONS]
    options[:renew] = true if options
    session_serializer.store(user, scope)
  end

转储选项:

options {:path=>"/", :domain=>nil, :expire_after=>nil, :secure=>false, :httponly=>true, :defer=>false, :renew=>false, :coder=># Rack::Session::Cookie::Base64::Marshal:0x00000004f50a10>, id=> "56d54b1b9820ee044151fdb4fdcb89db"}

如何配置 devise/warden 不将 options[:renew] 设置为 true ?

4

2 回答 2

2

Try this:

env['rack.session.options'][:renew] = false
于 2012-09-06T09:06:19.310 回答
2 
Warden::Manager.after_set_user do |user,auth,opts|
  auth.env["rack.session.options"][:renew] = false
end
于 2013-09-03T00:43:32.573 回答