Class: Sessions::DevicesController

Inherits:

ApplicationController

• Object
• ApplicationController
• Sessions::DevicesController

Defined in:

app/controllers/sessions/devices_controller.rb

Overview

The “Your devices” page: list, revoke one, sign out everywhere else, and the login history. Deliberately trivial — if you need custom controller behavior, render the partials from your own controller instead (the README’s Layer 1).

Instance Method Summary

• #destroy ⇒ Object
• #history ⇒ Object
• #index ⇒ Object

  Current session always first (and never revocable from this page — signing out the device you’re on is the app’s normal logout).

• #others ⇒ Object

Dynamic Method Handling

This class handles dynamic methods through the method_missing method in the class Sessions::ApplicationController

Instance Method Details

#destroy ⇒ Object

# File 'app/controllers/sessions/devices_controller.rb', line 24

def destroy
  return unless sessions_reauthenticate!

  session_row = sessions_owner_sessions.find(params[:id])

  if session_row.current?(request)
    redirect_to devices_path, alert: t("sessions.devices.cannot_revoke_current")
    return
  end

  session_row.revoke!(reason: :user_revoked, by: sessions_current_user)
  redirect_to devices_path, notice: t("sessions.devices.revoked"), status: :see_other
end

#history ⇒ Object

# File 'app/controllers/sessions/devices_controller.rb', line 20

def history
  @events = sessions_owner_events.recent.limit(200)
end

#index ⇒ Object

Current session always first (and never revocable from this page —signing out the device you’re on is the app’s normal logout).

# File 'app/controllers/sessions/devices_controller.rb', line 11

def index
  @sessions = sessions_owner_sessions.by_recency.to_a
  if (current = @sessions.find { |session| session == sessions_current_session })
    @sessions.delete(current)
    @sessions.unshift(current)
  end
  @events = sessions_owner_events.recent.limit(10)
end

#others ⇒ Object

# File 'app/controllers/sessions/devices_controller.rb', line 38

def others
  return unless sessions_reauthenticate!

  sessions_current_user.revoke_other_sessions!(
    current: sessions_current_session,
    by: sessions_current_user
  )
  redirect_to devices_path, notice: t("sessions.devices.revoked_others"), status: :see_other
end