diff --git a/app/assets/javascripts/app/views/profile/devices.jst.eco b/app/assets/javascripts/app/views/profile/devices.jst.eco
index c99ad563d..347b3ffc5 100644
--- a/app/assets/javascripts/app/views/profile/devices.jst.eco
+++ b/app/assets/javascripts/app/views/profile/devices.jst.eco
@@ -21,7 +21,7 @@
| <%= device.name %> |
<%= device.location %> |
<%- @humanTime(device.updated_at) %> |
- |
+ disabled<% end %>> |
<% end %>
diff --git a/app/controllers/application_controller.rb b/app/controllers/application_controller.rb
index d9ef7d6a6..7785c8063 100644
--- a/app/controllers/application_controller.rb
+++ b/app/controllers/application_controller.rb
@@ -98,6 +98,9 @@ class ApplicationController < ActionController::Base
# check user device
def check_user_device
+ # return if we are in switch to user mode
+ return if session[:switched_from_user_id]
+
# only if user_id exists
return if !session[:user_id]
@@ -108,11 +111,14 @@ class ApplicationController < ActionController::Base
return if session[:check_user_device_at] && session[:check_user_device_at] > Time.zone.now - 5.minutes
session[:check_user_device_at] = Time.zone.now
- UserDevice.add(
+ user_device = UserDevice.add(
session[:user_agent],
session[:remote_id],
session[:user_id],
)
+ if user_device.id != session[:check_user_device_id]
+ session[:check_user_device_id] = user_device.id
+ end
end
def authentication_check_only(auth_param)
diff --git a/app/controllers/user_devices_controller.rb b/app/controllers/user_devices_controller.rb
index 53870dbda..e80db5115 100644
--- a/app/controllers/user_devices_controller.rb
+++ b/app/controllers/user_devices_controller.rb
@@ -14,13 +14,29 @@ class UserDevicesController < ApplicationController
attributes.delete('created_at')
attributes.delete('device_details')
attributes.delete('location_details')
+
+ if session[:check_user_device_id] == device.id
+ attributes['current'] = true
+ end
devices_full.push attributes
}
model_index_render_result(devices_full)
end
def destroy
- UserDevice.where(user_id: current_user.id, id: params[:id]).destroy_all
+ # find device
+ user_device = UserDevice.find_by(user_id: current_user.id, id: params[:id])
+
+ # delete device and session's
+ if user_device
+ SessionHelper.list.each {|session|
+ next if !session.data['user_id']
+ next if !session.data['check_user_device_id']
+ next if session.data['check_user_device_id'] != user_device.id
+ SessionHelper.destroy( session.id )
+ }
+ user_device.destroy
+ end
render json: {}, status: :ok
end
diff --git a/app/models/user_device.rb b/app/models/user_device.rb
index 0c6b2d16d..1e9b5649a 100644
--- a/app/models/user_device.rb
+++ b/app/models/user_device.rb
@@ -9,7 +9,7 @@ class UserDevice < ApplicationModel
store device for user
- UserDevice.add(
+ user_device = UserDevice.add(
'Mozilla/5.0 (Macintosh; Intel Mac OS X 10_10_3) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/44.0.2403.107 Safari/537.36',
'172.0.0.1',
user.id,