Sha256: 9d53d9602d7a51f7d2e549200ddcb062a92dd2ec869b9be58d8705f6e14a4f7e
Contents?: true
Size: 2 KB
Versions: 11
Compression:
Stored size: 2 KB
Contents
module Sorcery
module Controller
module Submodules
# This submodule helps you set a timeout to all user sessions.
# The timeout can be configured and also you can choose to reset it on every user action.
module SessionTimeout
def self.included(base)
base.send(:include, InstanceMethods)
Config.module_eval do
class << self
attr_accessor :session_timeout, # how long in seconds to keep the session alive.
:session_timeout_from_last_action # use the last action as the beginning of session timeout.
def merge_session_timeout_defaults!
@defaults.merge!(:@session_timeout => 3600, # 1.hour
:@session_timeout_from_last_action => false)
end
end
merge_session_timeout_defaults!
end
Config.after_login << :register_login_time
base.prepend_before_filter :validate_session
end
module InstanceMethods
protected
# Registers last login to be used as the timeout starting point.
# Runs as a hook after a successful login.
def register_login_time(user, credentials)
session[:login_time] = session[:last_action_time] = Time.now.utc
end
# Checks if session timeout was reached and expires the current session if so.
# To be used as a before_filter, before require_login
def validate_session
session_to_use = Config.session_timeout_from_last_action ? session[:last_action_time] : session[:login_time]
if session_to_use && (Time.now.utc - session_to_use > Config.session_timeout)
reset_session
@current_user = false
else
session[:last_action_time] = Time.now.utc
end
end
end
end
end
end
end
Version data entries
11 entries across 11 versions & 1 rubygems