module Authenticate::Model::Lifetimed

Imposes a maximum allowed lifespan on a user's session, after which the session is expired and requires re-authentication.

Configuration

Set the maximum session lifetime in the initializer, giving a timestamp.

Authenticate.configure do |config|
  config.max_session_lifetime = 8.hours
end

If the max_session_lifetime configuration parameter is nil, the :lifetimed module is not loaded.

Columns

Methods

Public Class Methods

required_fields(_klass) click to toggle source
# File lib/authenticate/model/lifetimed.rb, line 28
def self.required_fields(_klass)
  [:current_sign_in_at]
end

Public Instance Methods

max_session_lifetime_exceeded?() click to toggle source

Has the session reached its maximum allowed lifespan?

# File lib/authenticate/model/lifetimed.rb, line 33
def max_session_lifetime_exceeded?
  return false if max_session_lifetime.nil?
  return false if current_sign_in_at.nil?
  current_sign_in_at <= max_session_lifetime.ago
end

Private Instance Methods

max_session_lifetime() click to toggle source
# File lib/authenticate/model/lifetimed.rb, line 41
def max_session_lifetime
  Authenticate.configuration.max_session_lifetime
end