module Authenticate::Model::Lifetimed
Imposes a maximum allowed lifespan on a user's session, after which the session is expired and requires re-authentication.
Configuration
¶ ↑
Set the maximum session lifetime in the initializer, giving a timestamp.
Authenticate.configure do |config| config.max_session_lifetime = 8.hours end
If the max_session_lifetime
configuration parameter is nil, the :lifetimed module is not loaded.
Columns¶ ↑
-
current_sign_in_at - requires `current_sign_in_at` column. This column is managed by the :trackable plugin.
Methods¶ ↑
-
max_session_lifetime_exceeded? - true if the user's session has exceeded the max lifetime allowed
Public Class Methods
required_fields(_klass)
click to toggle source
# File lib/authenticate/model/lifetimed.rb, line 28 def self.required_fields(_klass) [:current_sign_in_at] end
Public Instance Methods
max_session_lifetime_exceeded?()
click to toggle source
Has the session reached its maximum allowed lifespan?
# File lib/authenticate/model/lifetimed.rb, line 33 def max_session_lifetime_exceeded? return false if max_session_lifetime.nil? return false if current_sign_in_at.nil? current_sign_in_at <= max_session_lifetime.ago end
Private Instance Methods
max_session_lifetime()
click to toggle source
# File lib/authenticate/model/lifetimed.rb, line 41 def max_session_lifetime Authenticate.configuration.max_session_lifetime end