Max number of devices in new session #1115
Conversation
|
@Evan-M You need to rebase |
* There was prior discussion around removing this line of code, inside lynndylanhurley#990. See: lynndylanhurley#990 (comment) * While line in question _is_ superfluous, removing it was blocked by a bad test. This test was corrected in the previous commit (9ebc5bd).
* Previous version featured an `Enumerable#min_by` loop _inside_ a `while` loop, resulting in `O(n^2)` complexity. * Instead, break things into two separate loops, and skip altogether if they aren't even necessary.
Evan-M
force-pushed
the
max_number_of_devices_in_new_session
branch
from
3b63cfe
to
04afcda
Compare
|
@MaicolBen rebased. |
| @resource.create_new_auth_token | ||
| # REVIEW: The following line _should_ be safe to remove; | ||
| # the generated token does not get used anywhere. | ||
| # @resource.create_new_auth_token |
There was a problem hiding this comment.
update_auth_header should use this, but if you say so, we can remove it
There was a problem hiding this comment.
Rather confusingly, there are two methods with that name.
the model concern:
devise_token_auth/app/models/devise_token_auth/concerns/user.rb
Lines 199 to 205 in 38d27cf
and the controller concern:
I'll assume you mean the one in the controller concern (the same file as this change)...
Regardless, I'm not sure I understand what you mean. This is inside a conditional block for the use case of when DeviseTokenAuth.enable_standard_devise_support = true and the user has already authenticated with Devise in the session via Warden. There is no need for an auth token in that case, so why would we create one here?
| # to expedite tests! (Default is 10) | ||
| DeviseTokenAuth.max_number_of_devices = 5 | ||
|
|
||
| # @max_devices = DeviseTokenAuth.max_number_of_devices |
There was a problem hiding this comment.
remove the commented line, or is this documentation?
There was a problem hiding this comment.
It is cruft and I didn't mean to leave it in the commit! 😆
| # Add a new device (and token) ahead of the next iteration | ||
| @resource.create_new_auth_token | ||
|
|
||
| # refute_equal initial_tokens, @resource.reload.tokens |
There was a problem hiding this comment.
why this refute is commented?
There was a problem hiding this comment.
I actually meant to remove it. While the test still passes with it uncommented (along with line 423 above), it really doesn't add anything to the test here. We've already asserted that the number of concurrent tokens/devices is correct; if anything the addition of this test will make the test more brittle.
| post :create, params: @user_session_params | ||
| end | ||
|
|
||
| oldest_token, _ = @existing_user.reload.tokens \ |
There was a problem hiding this comment.
That is purely convention, although I used it incorrectly...
https://github.com/bbatsov/ruby-style-guide#trailing-underscore-variables
It should either be:
oldest_token, = \
@existing_user.reload.tokens \
.min_by { |cid, v| v[:expiry] || v["expiry"] } # => [ <"client_id">, {...<token>...} ]or
oldest_client_id, _oldest_token = \
@existing_user.reload.tokens \
.min_by { |cid, v| v[:expiry] || v["expiry"] } # => [ <"client_id">, {...<token>...} ]If you really truly think I should remove the , _ entirely, I will add a comment that an array is returned by #min_by.
On a different note, I've been itching to create an issue to get rubocop setup on this repo, so that stylistic issues like this are a non-issue.
There was a problem hiding this comment.
You're right, thank you for the long explanation, and if you enable rubocop, there will be tons of issues, that's why we have Code Climate that analyzes only the differences. I will create an issue for it 😄
EDIT: the issue is #1124
|
Tests pass. Merging away! |
Additional refactoring, per discussion in #1109.
See: #1109 (review) and #1109 (comment)