Revert "fix: #271 (#273)" (#280)

NeonGamerBot-QK · web-flow · commit 31edab795cd9 · 2025-12-08T13:43:08.000-05:00
This reverts commit f750d48.
diff --git a/app/controllers/application_controller.rb b/app/controllers/application_controller.rb
@@ -14,11 +14,10 @@ class ApplicationController < ActionController::Base
   def current_user(preloads = [])
     return @current_user if defined?(@current_user)
 
-    if session[:user_id] && session[:session_token]
+    if session[:user_id]
       scope = User.where(id: session[:user_id])
       scope = scope.includes(*preloads) unless preloads.empty?
-      user = scope.first
-      @current_user = user if user&.valid_session_token?(session[:session_token])
+      @current_user = scope.first
     end
   end
   helper_method :current_user
diff --git a/app/controllers/magic_links_controller.rb b/app/controllers/magic_links_controller.rb
@@ -18,10 +18,8 @@ def verify
 
     if user&.magic_link_valid?
       user.clear_magic_link_token!
-      user.regenerate_session_token!
       reset_session
       session[:user_id] = user.id
-      session[:session_token] = user.session_token
       target_path = user.setup_complete? ? projects_path : kitchen_path
       redirect_to target_path, notice: "Successfully signed in via magic link"
     else
diff --git a/app/controllers/sessions_controller.rb b/app/controllers/sessions_controller.rb
@@ -33,10 +33,7 @@ def create
 
     SyncSlackDisplayNameJob.perform_later(user)
 
-    user.regenerate_session_token!
-    reset_session
     session[:user_id] = user.id
-    session[:session_token] = user.session_token
     user.complete_tutorial_step! :first_login
     redirect_to(user.setup_complete? ? projects_path : kitchen_path, notice: "Signed in with Hack Club")
   end
diff --git a/app/models/user.rb b/app/models/user.rb
@@ -17,7 +17,6 @@
 #  projects_count              :integer
 #  region                      :string
 #  send_votes_to_slack         :boolean          default(FALSE), not null
-#  session_token               :string
 #  synced_at                   :datetime
 #  tutorial_steps_completed    :string           default([]), is an Array
 #  verification_status         :string           default("needs_submission"), not null
@@ -32,7 +31,6 @@
 #  index_users_on_email             (email)
 #  index_users_on_magic_link_token  (magic_link_token) UNIQUE
 #  index_users_on_region            (region)
-#  index_users_on_session_token     (session_token) UNIQUE
 #  index_users_on_slack_id          (slack_id) UNIQUE
 #
 class User < ApplicationRecord
@@ -141,14 +139,6 @@ def clear_magic_link_token!
     update!(magic_link_token: nil, magic_link_token_expires_at: nil)
   end
 
-  def regenerate_session_token!
-    update!(session_token: SecureRandom.urlsafe_base64(32))
-  end
-
-  def valid_session_token?(token)
-    session_token.present? && ActiveSupport::SecurityUtils.secure_compare(session_token, token.to_s)
-  end
-
   def balance
     ledger_entries.sum(:amount)
   end
diff --git a/db/migrate/20251208143923_add_session_token_to_users.rb b/db/migrate/20251208143923_add_session_token_to_users.rb
diff --git a/db/schema.rb b/db/schema.rb
diff --git a/test/fixtures/users.yml b/test/fixtures/users.yml
@@ -19,7 +19,6 @@
 #  projects_count              :integer
 #  region                      :string
 #  send_votes_to_slack         :boolean          default(FALSE), not null
-#  session_token               :string
 #  synced_at                   :datetime
 #  tutorial_steps_completed    :string           default([]), is an Array
 #  verification_status         :string           default("needs_submission"), not null
@@ -34,7 +33,6 @@
 #  index_users_on_email             (email)
 #  index_users_on_magic_link_token  (magic_link_token) UNIQUE
 #  index_users_on_region            (region)
-#  index_users_on_session_token     (session_token) UNIQUE
 #  index_users_on_slack_id          (slack_id) UNIQUE
 #
 one:
diff --git a/test/models/user_test.rb b/test/models/user_test.rb
@@ -17,7 +17,6 @@
 #  projects_count              :integer
 #  region                      :string
 #  send_votes_to_slack         :boolean          default(FALSE), not null
-#  session_token               :string
 #  synced_at                   :datetime
 #  tutorial_steps_completed    :string           default([]), is an Array
 #  verification_status         :string           default("needs_submission"), not null
@@ -32,7 +31,6 @@
 #  index_users_on_email             (email)
 #  index_users_on_magic_link_token  (magic_link_token) UNIQUE
 #  index_users_on_region            (region)
-#  index_users_on_session_token     (session_token) UNIQUE
 #  index_users_on_slack_id          (slack_id) UNIQUE
 #
 require "test_helper"
