Module: Authenticate::Model::Lifetimed

Extended by:

ActiveSupport::Concern

Defined in:

lib/authenticate/model/lifetimed.rb

Overview

Imposes a maximum allowed lifespan on a user’s session, after which the session is expired and requires re-authentication.

Configuration

Set the maximum session lifetime in the initializer, giving a timestamp.

Authenticate.configure do |config|
  config.max_session_lifetime = 8.hours
end

If the max_session_lifetime configuration parameter is nil, the :lifetimed module is not loaded.

Columns

• current_sign_in_at - requires ‘current_sign_in_at` column. This column is managed by the :trackable plugin.

Methods

• max_session_lifetime_exceeded? - true if the user’s session has exceeded the max lifetime allowed

Class Method Summary

• .required_fields(_klass) ⇒ Object

Instance Method Summary

• #max_session_lifetime_exceeded? ⇒ Boolean

  Has the session reached its maximum allowed lifespan?.

Class Method Details

.required_fields(_klass) ⇒ Object

# File 'lib/authenticate/model/lifetimed.rb', line 28

def self.required_fields(_klass)
  [:current_sign_in_at]
end

Instance Method Details

#max_session_lifetime_exceeded? ⇒ Boolean

Has the session reached its maximum allowed lifespan?

Returns:

• (Boolean)

# File 'lib/authenticate/model/lifetimed.rb', line 33

def max_session_lifetime_exceeded?
  return false if max_session_lifetime.nil?
  return false if current_sign_in_at.nil?
  current_sign_in_at <= max_session_lifetime.ago
end