Module: Authenticate::Model::Timeoutable

Extended by:: ActiveSupport::Concern

Defined in:: lib/authenticate/model/timeoutable.rb

Overview

Expire user sessions that have not been accessed within a certain period of time. Expired users will be asked for credentials again.

Timeoutable is enabled and configured with the ‘timeout_in` configuration parameter. Example:

Authenticate.configure do |config|
  config.timeout_in = 15.minutes
end

Columns

This module expects and tracks this column on your user model:

last_access_at - datetime of the last access by the user

Configuration

timeout_in - maximum idle time allowed before session is invalidated. nil shuts off this feature.

You must specify a non-nil timeout_in in your initializer to enable Timeoutable.

Methods

timedout? - has this user timed out? @return
timeout_in - look up timeout period in config, @return [ActiveSupport::CoreExtensions::Numeric::Time]

Class Method Summary collapse

.required_fields(klass) ⇒ Object

Instance Method Summary collapse

#timedout? ⇒ Boolean

Checks whether the user session has expired based on configured time.

Class Method Details

.required_fields(klass) ⇒ `Object`



32
33
34

# File 'lib/authenticate/model/timeoutable.rb', line 32

def self.required_fields(klass)
  [:last_access_at]
end

Instance Method Details

#timedout? ⇒ `Boolean`

Checks whether the user session has expired based on configured time.

Returns:

(Boolean)

# File 'lib/authenticate/model/timeoutable.rb', line 37

def timedout?
  return false if timeout_in.nil?
  return false if last_access_at.nil?
  last_access_at <= timeout_in.ago
end