Class: Renalware::SessionTimeoutController

Inherits:

BaseController

• Object
• ApplicationController
• ApplicationController
• BaseController
• Renalware::SessionTimeoutController

Defined in:

app/controllers/renalware/session_timeout_controller.rb

Instance Method Summary

• #has_user_timed_out ⇒ Object

  Note this action will NOT update the session activity (thus keeping the session alive) because we invoke #skip_timeout at the beginning of the filter chain.

• #reset_user_clock ⇒ Object

  A user could invoke this action to keep their session alive, by for example clicking on a “Keep my session active” button which makes an ajax call to this action.

Methods inherited from BaseController

#patient

Instance Method Details

#has_user_timed_out ⇒ Object

Note this action will NOT update the session activity (thus keeping the session alive) because we invoke #skip_timeout at the beginning of the filter chain. We could return the amount of time remaining before the session expires like so

time_left = Devise.timeout_in - (Time.now - user_session["last_request_at"]).round

and display this to the user if required. rubocop :disable Naming/PredicateName

# File 'app/controllers/renalware/session_timeout_controller.rb', line 25

def has_user_timed_out
  skip_authorization
  if referrer_is_a_devise_url? || !current_users_session_has_timed_out?
    head(:ok)
  else
    flash[:notice] = "Your session timed due to inactivity. Please log in again."
    head :unauthorized
  end
end

#reset_user_clock ⇒ Object

A user could invoke this action to keep their session alive, by for example clicking on a “Keep my session active” button which makes an ajax call to this action. Note this will keep the session alive because we have not invoked skip_timeout before action, so, like all actions on all controllers, the user’s last_request_at time stamp is updated in their session cookie.

# File 'app/controllers/renalware/session_timeout_controller.rb', line 41

def reset_user_clock
  head :ok
end