Unsign auth token cookies per discussion on #215

2025-02-25 18:55:32 -06:00 · 2013-02-23 13:40:21 -05:00
parent 20d6152bb4
commit 3e6641c07e
3 changed files with 4 additions and 3 deletions
--- a/lib/current_user.rb
+++ b/lib/current_user.rb
@@ -2,6 +2,7 @@ module CurrentUser

  def self.lookup_from_env(env)
    request = Rack::Request.new(env)
+    puts request.inspect
    auth_token = request.cookies[:_t]
    user = nil
    if auth_token && auth_token.length == 32
@@ -16,7 +17,7 @@ module CurrentUser

    if session[:current_user_id].blank?
      # maybe we have a cookie? 
-      auth_token = cookies.signed[:_t]
+      auth_token = cookies[:_t]
      if auth_token && auth_token.length == 32
        @current_user = User.where(auth_token: auth_token).first
        session[:current_user_id] = @current_user.id if @current_user