Over-resilient session
Andrew Stewart
I plugged Rack::Cache into a Rails app yesterday and all worked
perfectly until I tried to log out of my app. The action which handles
the logout was still called, and it correctly emptied the session
hash, and then redirected to the home page...by which time the session
had been mysteriously restored leaving me still logged in.
I'm using a form-based approach to authentication rather than HTTP
authentication. My logging-out action looks like this:
def destroy
self.current_member.forget_me if logged_in?
cookies.delete :auth_token
reset_session
flash[:notice] = "You have signed out. Thanks for coming!"
redirect_back_or_default('/')
end
If I remove Rack::Cache from my app's middleware, the log-out works
again. If I pop Rack::Cache back into the middleware, the log-out
stops working. So the problem is definitely around my (mis)use of
Rack::Cache.
What's the best way to go about debugging this? I wonder if it's
something to do with a cookie being cached but I'm not sure how to
investigate. Any pointers would be most welcome.
Thanks and regards,
Andy Stewart
-------
http://airbladesoftware.com
mergulhao83
I'm with the same problem. As a temporary fix I placed:
"self.current_user = nil"
just before reset_session call. Seens that session is not being reseted.
Sylvestre Mergulhão
-----------------------------------------------------------------------
http://mergulhao.info
http://redeparede.com
On Thu, Sep 24, 2009 at 11:42 AM, Sylvestre Mergulhão
<mergu...@gmail.com> wrote: