logged in requests were being treated as anon, causing major havoc

This commit is contained in:
Sam 2013-10-17 10:37:06 +11:00
parent 85387b8f72
commit 1b81f73325
2 changed files with 5 additions and 1 deletions

View File

@ -73,7 +73,7 @@ class Auth::DefaultCurrentUserProvider
def has_auth_cookie?
request = Rack::Request.new(@env)
cookie = request.cookies[CURRENT_USER_KEY]
cookie = request.cookies[TOKEN_COOKIE]
!cookie.nil? && cookie.length == 32
end
end

View File

@ -19,6 +19,10 @@ describe Middleware::AnonymousCache::Helper do
it "is false for non GET" do
new_helper("ANON_CACHE_DURATION" => 10, "REQUEST_METHOD" => "POST").cacheable?.should be_false
end
it "is false if it has an auth cookie" do
new_helper("HTTP_COOKIE" => "jack=1; _t=#{"1"*32}; jill=2").cacheable?.should be_false
end
end
context "cached" do