Sha256: 72ad99581947b65a9ee49363dd2686364757313201640123b541ae3e67168a24

Contents?: true

Size: 900 Bytes

Versions: 17

Compression:

Stored size: 900 Bytes

Contents

# Each time a record is set we check whether its session has already timed out
# or not, based on last request time. If so, the record is logged out and
# redirected to the sign in page. Also, each time the request comes and the
# record is set, we set the last request time inside it's scoped session to
# verify timeout in the following request.
Warden::Manager.after_set_user do |record, warden, options|
  scope = options[:scope]

  if record && record.respond_to?(:timedout?) && warden.authenticated?(scope)
    last_request_at = warden.session(scope)['last_request_at']

    if record.timedout?(last_request_at)
      path_checker = Devise::PathChecker.new(warden.env, scope)
      unless path_checker.signing_out?
        warden.logout(scope)
        throw :warden, :scope => scope, :message => :timeout
      end
    end

    warden.session(scope)['last_request_at'] = Time.now.utc
  end
end

Version data entries

17 entries across 17 versions & 6 rubygems

Version Path
devise-1.1.9 lib/devise/hooks/timeoutable.rb
devise-1.1.8 lib/devise/hooks/timeoutable.rb
devise-1.1.7 lib/devise/hooks/timeoutable.rb
devise-1.1.6 lib/devise/hooks/timeoutable.rb
devise-jdguyot-1.2.rc lib/devise/hooks/timeoutable.rb
devise-1.1.5 lib/devise/hooks/timeoutable.rb
devise-1.1.4 lib/devise/hooks/timeoutable.rb
devise-1.2.rc lib/devise/hooks/timeoutable.rb
aihs_devise-1.2.rc lib/devise/hooks/timeoutable.rb
gonow-devise-1.2.rc lib/devise/hooks/timeoutable.rb
devise-edge-1.2.rc lib/devise/hooks/timeoutable.rb
devise-1.1.3 lib/devise/hooks/timeoutable.rb
devise-1.1.2 lib/devise/hooks/timeoutable.rb
devise-1.1.1 lib/devise/hooks/timeoutable.rb
devise-1.1.0 lib/devise/hooks/timeoutable.rb
namxam-devise-1.1.0.win lib/devise/hooks/timeoutable.rb
devise-1.1.rc2 lib/devise/hooks/timeoutable.rb