module Sorcery::Controller::Submodules::SessionTimeout::InstanceMethods
Public Instance Methods
invalidate_active_sessions!()
click to toggle source
# File lib/sorcery/controller/submodules/session_timeout.rb, line 34 def invalidate_active_sessions! return unless Config.session_timeout_invalidate_active_sessions_enabled return unless current_user.present? current_user.send(:invalidate_sessions_before=, Time.now.in_time_zone) current_user.save end
Protected Instance Methods
register_login_time(_user, _credentials = nil)
click to toggle source
Registers last login to be used as the timeout starting point. Runs as a hook after a successful login.
# File lib/sorcery/controller/submodules/session_timeout.rb, line 46 def register_login_time(_user, _credentials = nil) session[:login_time] = session[:last_action_time] = Time.now.in_time_zone end
sorcery_session_expired?(time)
click to toggle source
# File lib/sorcery/controller/submodules/session_timeout.rb, line 62 def sorcery_session_expired?(time) Time.now.in_time_zone - time > Config.session_timeout end
sorcery_session_invalidated?()
click to toggle source
Use login time if present, otherwise use last action time.
# File lib/sorcery/controller/submodules/session_timeout.rb, line 67 def sorcery_session_invalidated? return false unless Config.session_timeout_invalidate_active_sessions_enabled return false unless current_user.present? && current_user.try(:invalidate_sessions_before).present? time = session[:login_time] || session[:last_action_time] || Time.now.in_time_zone time < current_user.invalidate_sessions_before end
validate_session()
click to toggle source
Checks if session timeout was reached and expires the current session if so. To be used as a before_action, before require_login
# File lib/sorcery/controller/submodules/session_timeout.rb, line 52 def validate_session session_to_use = Config.session_timeout_from_last_action ? session[:last_action_time] : session[:login_time] if (session_to_use && sorcery_session_expired?(session_to_use.to_time)) || sorcery_session_invalidated? reset_sorcery_session remove_instance_variable :@current_user if defined? @current_user else session[:last_action_time] = Time.now.in_time_zone end end