Do not use the issues tracker for help or support, try Stack Overflow.
For bugs, do a quick search and make sure the bug has not yet been reported
If you found a security bug, do not report it through GitHub. Please send an e-mail to heartcombo@googlegroups.com instead.
Finally, be nice and have fun!
Environment
Ruby 3.2.2
Rails 7.0.8
Devise 4.9.3
Current behavior
Timeoutable primarily concerns itself with last_request_at. But for storing this value in the session, the code checks unless env['devise.skip_trackable']. Trackable doesn't concern itself with last_request_at, so it's unclear why this check exists.
In our codebase, we're attempting to skip trackable to call update_tracked_fields! ourselves, but this incidentally breaks timeoutable by failing to store last_request_at.
I'm happy to PR this, but given the code was written 11 years ago, I was reticent without first confirming this was undesired behavior.
Expected behavior
Setting env['devise.skip_trackable'] to false should have no effect on last_request_at being stored.
Pre-check
Environment
Current behavior
Timeoutableprimarily concerns itself withlast_request_at. But for storing this value in the session, the code checksunless env['devise.skip_trackable'].Trackabledoesn't concern itself withlast_request_at, so it's unclear why this check exists.In our codebase, we're attempting to skip trackable to call
update_tracked_fields!ourselves, but this incidentally breaks timeoutable by failing to storelast_request_at.I'm happy to PR this, but given the code was written 11 years ago, I was reticent without first confirming this was undesired behavior.
Expected behavior
Setting
env['devise.skip_trackable']to false should have no effect onlast_request_atbeing stored.