module Authenticate::Model::Timeoutable
Expire user sessions that have not been accessed within a certain period of time. Expired users will be asked for credentials again.
Timeoutable
is enabled and configured with the `timeout_in` configuration parameter. Example:
Authenticate.configure do |config| config.timeout_in = 15.minutes end
Columns¶ ↑
This module expects and tracks this column on your user model:
-
last_access_at - datetime of the last access by the user
Configuration
¶ ↑
-
timeout_in
- maximum idle time allowed before session is invalidated. nil shuts off this feature.
You must specify a non-nil timeout_in
in your initializer to enable Timeoutable
.
Methods¶ ↑
-
timedout? - has this user timed out? @return
-
timeout_in
- look up timeout period in config, @return [ActiveSupport::CoreExtensions::Numeric::Time]
Public Class Methods
required_fields(_klass)
click to toggle source
# File lib/authenticate/model/timeoutable.rb, line 31 def self.required_fields(_klass) [:last_access_at] end
Public Instance Methods
timedout?()
click to toggle source
Checks whether the user session has expired based on configured time.
# File lib/authenticate/model/timeoutable.rb, line 36 def timedout? return false if timeout_in.nil? return false if last_access_at.nil? last_access_at <= timeout_in.ago end
Private Instance Methods
timeout_in()
click to toggle source
# File lib/authenticate/model/timeoutable.rb, line 44 def timeout_in Authenticate.configuration.timeout_in end