lib/typus/authentication/session.rb in typus-3.1.0.rc17 vs lib/typus/authentication/session.rb in typus-3.1.0.rc18
- old
+ new
@@ -5,11 +5,13 @@
protected
include Base
def authenticate
- session[:typus_user_id] ? admin_user : redirect_to(new_admin_session_path)
+ unless session[:typus_user_id] && admin_user && admin_user.active?
+ deauthenticate
+ end
end
def deauthenticate
session[:typus_user_id] = nil
redirect_to new_admin_session_path
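Review bot: The new guard in `authenticate` checks only that the record exists and is `active?`, so the role-existence test that `admin_user` used to perform (`Typus::Configuration.roles.has_key?(@admin_user.role)`, removed further down in this diff) is no longer enforced anywhere visible. Unless `active?`, which is defined outside this diff, also verifies the role, an account whose role has been removed from the configuration keeps a valid session. If that is not intended, extend the condition to `unless session[:typus_user_id] && admin_user && admin_user.active? && Typus::Configuration.roles.has_key?(admin_user.role)`. The body of `deauthenticate` continues past the end of this hunk.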
@@ -19,15 +21,9 @@
# Return the current user. If role does not longer exist on the system
# admin_user will be signed out from the system.
#++
def admin_user
@admin_user ||= Typus.user_class.find_by_id(session[:typus_user_id])
-
- if !@admin_user || !Typus::Configuration.roles.has_key?(@admin_user.role) || !@admin_user.status
- deauthenticate
- end
-
- @admin_user
end
#--
# This method checks if the user can perform the requested action.
# It works on models, so its available on the `resources_controller`.
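Review bot: The comment above `admin_user` still says the user is signed out when the role no longer exists, but after this change the method only looks up and memoizes the record. It should be reworded to match, for example `# Return the current user, or nil when the session id matches no record.` followed by `# Status checks and sign-out are done by authenticate, not here.` Any caller that reaches `admin_user` without the `authenticate` filter having run now gets back an inactive user or nil instead of triggering a redirect, so the comment should state that dependency explicitly.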