From 08782ec52e6c4e3ec125037b7d6192d9078d2dc8 Mon Sep 17 00:00:00 2001
From: Martin Edenhofer <me@edenhofer.de>
Date: Thu, 18 Aug 2016 09:45:26 +0200
Subject: [PATCH] Only mark device as current if device got touched within last
  30 minutes.

---
 app/controllers/user_devices_controller.rb | 3 ++-
 1 file changed, 2 insertions(+), 1 deletion(-)

diff --git a/app/controllers/user_devices_controller.rb b/app/controllers/user_devices_controller.rb
index e189e1530..16220393f 100644
--- a/app/controllers/user_devices_controller.rb
+++ b/app/controllers/user_devices_controller.rb
@@ -16,7 +16,8 @@ class UserDevicesController < ApplicationController
       attributes.delete('location_details')
       attributes.delete('fingerprint')
 
-      if session[:user_device_fingerprint] == device.fingerprint
+      # mark current device to prevent killing own session via user preferences device management
+      if session[:user_device_fingerprint] == device.fingerprint && device.updated_at > Time.zone.now - 30.minutes
         attributes['current'] = true
       end
       devices_full.push attributes