# HG changeset patch
# User Nattee Niparnan <nattee@gmail.com>
# Date 2022-10-28 00:29:18
# Node ID 327f656f454510331c1d721a82ae25a57cf9d212
# Parent  d7fa5bf1aeba317b6f1e66f5aa478d92e05b58a6

prevent multiple place login using uuid cookie

diff --git a/app/controllers/application_controller.rb b/app/controllers/application_controller.rb
--- a/app/controllers/application_controller.rb
+++ b/app/controllers/application_controller.rb
@@ -71,6 +71,9 @@
     unless cookies.encrypted[:uuid]
       value = SecureRandom.uuid
       cookies.encrypted[:uuid] = { value: value, expires: 20.year }
+      return value
+    else
+      return cookies.encrypted[:uuid]
     end
   end
 
@@ -131,13 +134,13 @@
     #this assume that we have already authenticate normally
     unless GraderConfiguration[MULTIPLE_IP_LOGIN_CONF_KEY]
       user = User.find(session[:user_id])
-      if (!user.admin? && user.last_ip && user.last_ip != request.remote_ip)
-        flash[:notice] = "You cannot use the system from #{request.remote_ip}. Your last ip is #{user.last_ip}"
+      if (!user.admin? && user.last_ip && user.last_ip != unique_visitor_id)
+        flash[:notice] = "You cannot use the system from two different places"
         redirect_to :controller => 'main', :action => 'login'
         return false
       end
       unless user.last_ip
-        user.last_ip = request.remote_ip
+        user.last_ip = unique_visitor_id
         user.save
       end
     end