Module: Authlogic::Session::Timeout

Included in:
Base
Defined in:
lib/authlogic/session/timeout.rb

Overview

Timeout

This is reponsibile for determining if the session is stale or fresh. It is also responsible for maintaining the last_request_at value if the column is present.

Think about how financial websites work. If you are inactive after a certain period of time you must log back in. By default this is disabled, but if enabled this module kicks in. See the logout_on_timeout configuration option for how to turn this on.

Class Method Summary collapse

Instance Method Summary collapse

Class Method Details

.included(klass) ⇒ Object


10
11
12
13
14
15
16
# File 'lib/authlogic/session/timeout.rb', line 10

def self.included(klass)
  klass.class_eval do
    alias_method_chain :find_record, :timeout
    after_find :update_last_request_at!
    after_save :update_last_request_at!
  end
end

Instance Method Details

#find_record_with_timeoutObject

This implements the stale functionality when trying to find a session. If the session is stale the record will be cleared, but the session object will still be returned. This allows you to perform a current_user_session.stale? query in order to inform your users of why they need to log back in.


20
21
22
23
24
# File 'lib/authlogic/session/timeout.rb', line 20

def find_record_with_timeout
  result = find_record_without_timeout
  self.record = nil if result && stale?
  result
end

#stale?Boolean

Tells you if the record is stale or not. Meaning the record has timed out. This will only return true if you set logout_on_timeout to true in your configuration. Basically how a bank website works. If you aren't active over a certain period of time your session becomes stale and requires you to log back in.

Returns:

  • (Boolean)

28
29
30
# File 'lib/authlogic/session/timeout.rb', line 28

def stale?
  logout_on_timeout? && record && record.logged_out?
end