module Sorcery::Controller::Submodules::SessionTimeout

This submodule helps you set a timeout to all user sessions. The timeout can be configured and also you can choose to reset it on every user action.

Attributes

session_timeout[RW]

how long in seconds to keep the session alive.

session_timeout_from_last_action[RW]

use the last action as the beginning of session timeout.

session_timeout_invalidate_active_sessions_enabled[RW]

allow users to invalidate active sessions

Public Class Methods

included(base) click to toggle source
# File lib/sorcery/controller/submodules/session_timeout.rb, line 7
def self.included(base)
  base.send(:include, InstanceMethods)
  Config.module_eval do
    class << self
      # how long in seconds to keep the session alive.
      attr_accessor :session_timeout
      # use the last action as the beginning of session timeout.
      attr_accessor :session_timeout_from_last_action
      # allow users to invalidate active sessions
      attr_accessor :session_timeout_invalidate_active_sessions_enabled

      def merge_session_timeout_defaults!
        @defaults.merge!(:@session_timeout                                    => 3600, # 1.hour
                         :@session_timeout_from_last_action                   => false,
                         :@session_timeout_invalidate_active_sessions_enabled => false)
      end
    end
    merge_session_timeout_defaults!
  end

  Config.after_login << :register_login_time
  Config.after_remember_me << :register_login_time

  base.prepend_before_action :validate_session
end
merge_session_timeout_defaults!() click to toggle source
# File lib/sorcery/controller/submodules/session_timeout.rb, line 18
def merge_session_timeout_defaults!
  @defaults.merge!(:@session_timeout                                    => 3600, # 1.hour
                   :@session_timeout_from_last_action                   => false,
                   :@session_timeout_invalidate_active_sessions_enabled => false)
end