Fixed race condition: AJAX data fetch requests re-set sessions that should get deleted by logout request.

This commit is contained in:
Thorsten Eckel 2018-06-26 09:26:19 +02:00
parent 967105b97f
commit 295844c72e

View file

@ -114,12 +114,13 @@ class SessionsController < ApplicationController
# "Delete" a login, aka "log the user out" # "Delete" a login, aka "log the user out"
def destroy def destroy
reset_session
# Remove the user id from the session # Remove the user id from the session
@_current_user = nil @_current_user = nil
# reset session # reset session
request.env['rack.session.options'][:expire_after] = nil request.env['rack.session.options'][:expire_after] = nil
session.clear
render json: {} render json: {}
end end