I'm using Authlogic to manage the sessions in my application.
However, by default, authlogic allows a user to be logged in many times from different computers.
I don't want that (the user pays to get access and I want to avoid users sharing their accounts).
我正在使用Authlogic来管理我的应用程序中的会话。但是,默认情况下,authlogic允许用户从不同的计算机多次登录。我不希望这样(用户付费获取访问权限,我希望避免用户共享其帐户)。
Looking in the Authlogic documentation, I've found about the perishable_token. But when trying to implement it, I just get an error saying the persistence_token is required (when it shouldn't be as I use the perishable one).
查看Authlogic文档,我发现了perishable_token。但是当试图实现它时,我只是得到一个错误,说persistence_token是必需的(当它不应该是因为我使用易腐烂的)。
How would you do this using the Authlogic's features ?
你会如何使用Authlogic的功能?
Thanks :)
1 个解决方案
#1
16
Ok so the perishable token was absolutely not the right path ;)
好吧,易腐坏的令牌绝对不是正确的道路;)
We "just" need to reset the persistence token every time a user logs in or logs out. With this in my UserSession model, every user gets logged off from any other session when logging in.
我们“只需”每次用户登录或注销时都需要重置持久性令牌。在我的UserSession模型中,每个用户在登录时都会从任何其他会话中注销。
class UserSession < Authlogic::Session::Base
before_destroy :reset_persistence_token
before_create :reset_persistence_token
def reset_persistence_token
record.reset_persistence_token
end
end
#1
16
Ok so the perishable token was absolutely not the right path ;)
好吧,易腐坏的令牌绝对不是正确的道路;)
We "just" need to reset the persistence token every time a user logs in or logs out. With this in my UserSession model, every user gets logged off from any other session when logging in.
我们“只需”每次用户登录或注销时都需要重置持久性令牌。在我的UserSession模型中,每个用户在登录时都会从任何其他会话中注销。
class UserSession < Authlogic::Session::Base
before_destroy :reset_persistence_token
before_create :reset_persistence_token
def reset_persistence_token
record.reset_persistence_token
end
end