0

I have a Rails app running Rails 3.2.6 and Devise 2.1.2 and I want to be able to limit concurrent logins to 1. I've tried using the Devise Security Extension but keep getting an undefined method for unique_session_id.

Instead I want to see if I can override Devise's behavior as in this SO article: devise limit one session per user at a time

I understand how it works and I've generated a sessions controller, but I'm not sure how to force the app to use it as an override for Devise. Also in the controller should I be inheriting from the Application Controller or the Devise Controller?

Everything in place right now however the app doesn't write a login_token which tells me that I'm not using the controller properly or something else might be amiss.

Any help is appreciated.

Community
  • 1
  • 1
nulltek
  • 3,247
  • 9
  • 44
  • 94
  • 2
    Look this [devise_security_extension gem](https://github.com/phatworx/devise_security_extension) It might help you a lot :) – Rafaiel Aug 31 '12 at 06:06

1 Answers1

0

I would strongly recommend you check out the Devise Wiki. Chances are when doing something like this, the answer can be found there. Your new controller will need to inherit from the Devise Sessions Controller as such:

class MySessionsController < Devise::SessionsController

This way, any methods you did not specifically override will still be called, thus not breaking other functionality.

In order to make sure that Devise uses your controller instead of it's own, make your devise_for call in routes.rb look as follows:

devise_for :users, :controllers => { :sessions => "my_sessions" }

From there Devise will pick up your controller. It's probably a good idea to restart your server in there just to be sure.

janders223
  • 3,123
  • 2
  • 22
  • 27
  • Thanks for the help. I've tried this and restarted my Rails server to be sure it took. When I try to login it simply refreshes the page and goes back to the login/new session view. I see it hitting the controller in the dev log " Processing by MySessionsController#new as HTML" but it doesn't get past that. At least I know it's overriding but not sure where to go next to limit the session based off of the previous article I posted. – nulltek Aug 30 '12 at 15:19
  • Well, I have no idea what your sessions controller or any other code in your app looks like, nor is that the original question you asked. So maybe post that as a new question, accept this one as it did solve the question you asked, and be sure to post some code in the new question. – janders223 Aug 30 '12 at 15:30
  • Thanks Janders. I'll do that. – nulltek Aug 30 '12 at 15:51