github/devise
1
1
Fork 0
mirror of https://github.com/heartcombo/devise.git synced 2026-04-28 03:00:29 -04:00
Code Issues Packages Projects Releases Wiki Activity

Fix overwriting the remember_token when a valid one already exists (#4101)

Browse Source 
The remember_token should not get overwritten when a user is
signing in and a valid token already exists.

Fixes #3950.
This commit is contained in:
Ralin Chimev
2016-05-15 17:48:12 +03:00
committed by Ulisses Almeida
parent 7e658a2abf
commit a7dcf98f7e
2 changed files with 13 additions and 1 deletions
Download Patch File Download Diff File Expand all files Collapse all files

12
test/models/rememberable_test.rb
View File

@@ -16,6 +16,18 @@ class RememberableTest < ActiveSupport::TestCase
assert user.remember_created_at
end
test 'remember_me should not generate a new token if valid token exists' do
user = create_user
user.singleton_class.send(:attr_accessor, :remember_token)
User.to_adapter.expects(:find_first).returns(nil)
user.remember_me!
existing_token = user.remember_token
user.remember_me!
assert_equal existing_token, user.remember_token
end
test 'forget_me should not clear remember token if using salt' do
user = create_user
user.remember_me!