From 8d6c3cd48ae4f96752ff6b698bc7244d97aa9a27 Mon Sep 17 00:00:00 2001
From: Eugen Rochko <eugen@zeonfederated.com>
Date: Sat, 22 Jul 2017 01:09:10 +0200
Subject: [PATCH] Fix sessions being replaced needlessly (#4292)

---
 config/initializers/devise.rb | 8 ++++++--
 1 file changed, 6 insertions(+), 2 deletions(-)

diff --git a/config/initializers/devise.rb b/config/initializers/devise.rb
index bf61ea0ea..e6b0e90cb 100644
--- a/config/initializers/devise.rb
+++ b/config/initializers/devise.rb
@@ -1,8 +1,12 @@
 Warden::Manager.after_set_user except: :fetch do |user, warden|
-  SessionActivation.deactivate warden.cookies.signed['_session_id']
+  if user.session_active?(warden.cookies.signed['_session_id'] || warden.raw_session['auth_id'])
+    session_id = warden.cookies.signed['_session_id'] || warden.raw_session['auth_id']
+  else
+    session_id = user.activate_session(warden.request)
+  end
 
   warden.cookies.signed['_session_id'] = {
-    value: user.activate_session(warden.request),
+    value: session_id,
     expires: 1.year.from_now,
     httponly: true,
   }