Sha256: bebcdcf64e923839ce2d4dccdd71b876445bfc3ba60d5d370ba1a1dc6fe748bd
Contents?: true
Size: 1.4 KB
Versions: 25
Compression:
Stored size: 1.4 KB
Contents
= Documentation for Session Expiration Feature
The session expiration feature allows setting an inactivity timeout and a max
lifetime for sessions. When this feature is used, you should use
+rodauth.check_session_expiration+ at the top (or other appropriate place)
in your routing tree.
route do |r|
rodauth.check_session_expiration
r.rodauth
# ...
end
When checking session expiration, if the last activity was more than the
inactivity timeout, or the session was created more the maximum lifetime
ago, the session is cleared, and the user is redirected to the login page.
== Auth Value Methods
max_session_lifetime :: The maximum number of seconds since session creation that sessions will be valid for, regardless of session activity. 86400 by default (1 day).
session_created_session_key :: The session key storing the session creation timestamp.
session_expiration_default :: Whether to expire sessions that don't have the created at or last activity at timestamps set, true by default.
session_expiration_error_flash :: The flash error to show if a session expires.
session_expiration_redirect :: Where to redirect if a session expires.
session_inactivity_timeout :: The maximum number of seconds allowed since the last activity before the session will be considered invalid. 1800 by default (30 minutes).
session_last_activity_session_key :: The session key storing the last session activity timestamp.
Version data entries
25 entries across 25 versions & 1 rubygems