Module: Authlogic::Session::Timeout

Included in:
Base
Defined in:
lib/authlogic/session/timeout.rb

Overview

Think about financial websites, if you are inactive for a certain period of time you will be asked to log back in on your next request. You can do this with Authlogic easily, there are 2 parts to this:

  1. Define the timeout threshold:

acts_as_authentic do |c|
  c.logged_in_timeout = 10.minutes # default is 10.minutes
end
  1. Enable logging out on timeouts

class UserSession < Authlogic::Session::Base
  logout_on_timeout true # default if false
end

This will require a user to log back in if they are inactive for more than 10 minutes. In order for this feature to be used you must have a last_request_at datetime column in your table for whatever model you are authenticating with.

Defined Under Namespace

Modules: Config, InstanceMethods

Class Method Summary collapse

Class Method Details

.included(klass) ⇒ Object



22
23
24
25
26
27
28
29
30
# File 'lib/authlogic/session/timeout.rb', line 22

def self.included(klass)
  klass.class_eval do
    extend Config
    include InstanceMethods
    before_persisting :reset_stale_state, :unless => :single_access?
    after_persisting :enforce_timeout,    :unless => :single_access?
    attr_accessor :stale_record
  end
end