Contents

require 'authenticate/callbacks/timeoutable'

module Authenticate
  module Model

    # Expire user sessions that have not been accessed within a certain period of time.
    # Expired users will be asked for credentials again.
    #
    # Timeoutable is enabled and configured with the `timeout_in` configuration parameter.
    # Example:
    #
    #   Authenticate.configure do |config|
    #     config.timeout_in = 15.minutes
    #   end
    #
    # = Columns
    # This module expects and tracks this column on your user model:
    # * last_access_at - datetime of the last access by the user
    #
    # = Configuration
    # * timeout_in - maximum idle time allowed before session is invalidated. nil shuts off this feature.
    #
    # You must specify a non-nil timeout_in in your initializer to enable Timeoutable.
    #
    # = Methods
    # * timedout? - has this user timed out? @return[Boolean]
    # * timeout_in - look up timeout period in config, @return [ActiveSupport::CoreExtensions::Numeric::Time]
    #
    module Timeoutable
        extend ActiveSupport::Concern

        def self.required_fields(_klass)
          [:last_access_at]
        end

        # Checks whether the user session has expired based on configured time.
        def timedout?
          return false if timeout_in.nil?
          return false if last_access_at.nil?
          last_access_at <= timeout_in.ago
        end

        private

        def timeout_in
          Authenticate.configuration.timeout_in
        end
    end
  end
end

Version data entries

2 entries across 2 versions & 1 rubygems

Version	Path
authenticate-0.3.1	lib/authenticate/model/timeoutable.rb
authenticate-0.3.0	lib/authenticate/model/timeoutable.rb