lib/devise/rails/warden_compat.rb in devise-1.1.9 vs lib/devise/rails/warden_compat.rb in devise-1.2.rc

- old
+ new

@@ -1,55 +1,54 @@ module Warden::Mixins::Common def request @request ||= ActionDispatch::Request.new(env) end + # This is called internally by Warden on logout def reset_session! - raw_session.inspect # why do I have to inspect it to get it to clear? - raw_session.clear + request.reset_session end def cookies request.cookie_jar end end class Warden::SessionSerializer def serialize(record) - [record.class.name, record.id] + [record.class.name, record.to_key, record.authenticatable_salt] end def deserialize(keys) - klass, id = keys - - if klass.is_a?(Class) + if keys.size == 2 raise "Devise changed how it stores objects in session. If you are seeing this message, " << - "you can fix it by changing one character in your cookie secret, forcing all previous " << - "cookies to expire, or cleaning up your database sessions if you are using a db store." + "you can fix it by changing one character in your cookie secret or cleaning up your " << + "database sessions if you are using a db store." end - klass.constantize.find(:first, :conditions => { :id => id }) - rescue NameError => e - if e.message =~ /uninitialized constant/ - Rails.logger.debug "Trying to deserialize invalid class #{klass}" - nil - else - raise + klass, id, salt = keys + + begin + record = klass.constantize.to_adapter.get(id) + record if record && record.authenticatable_salt == salt + rescue NameError => e + if e.message =~ /uninitialized constant/ + Rails.logger.debug "[Devise] Trying to deserialize invalid class #{klass}" + nil + else + raise + end end end end unless Devise.rack_session? # We cannot use Rails Indifferent Hash because it messes up the flash object. class Devise::IndifferentHash < Hash alias_method :regular_writer, :[]= unless method_defined?(:regular_writer) alias_method :regular_update, :update unless method_defined?(:regular_update) - def [](key) - super(convert_key(key)) - end - def []=(key, value) regular_writer(convert_key(key), value) end alias_method :store, :[]= 
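Review bot: In `deserialize`, the `if keys.size == 2` guard raises a bare RuntimeError for every session written by the previous `serialize` (which stored `[class name, id]`), so a stale session presumably surfaces to the returning user as an error rather than as a signed-out state. The rescue branch of the same method already returns `nil` for an unknown class, so rejecting legacy or malformed entries the same way would be consistent, e.g. `return nil unless keys.is_a?(Array) && keys.size == 3`. Separately, `serialize` deserves a comment such as `# The salt is stored so deserialize can reject the session once the record's salt no longer matches.`, together with a caveat that a session store which is signed but not encrypted leaves this value readable by the client.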
@@ -90,10 +89,9 @@ undef :symbolize_keys! def symbolize_keys; to_hash.symbolize_keys end def to_options!; self end - def to_hash; Hash.new.update(self) end protected def convert_key(key) key.kind_of?(Symbol) ? key.to_s : key \ No newline at end of file