Class: Renalware::SessionTimeoutController

Inherits:

BaseController

Object
ApplicationController
ApplicationController
BaseController
Renalware::SessionTimeoutController

show all

Defined in:: app/controllers/renalware/session_timeout_controller.rb

Instance Method Summary collapse

#check_session_expired ⇒ Object

Note this action will NOT update the session activity (thus keeping the session alive) because we invoke #skip_timeout at the beginning of the filter chain.
#keep_session_alive ⇒ Object

session_controller.js invoked this action to when there is user activity on the page to update the session window.

Methods inherited from BaseController

#patient

Instance Method Details

#check_session_expired ⇒ `Object`

Note this action will NOT update the session activity (thus keeping the session alive) because we invoke #skip_timeout at the beginning of the filter chain. We could return the amount of time remaining before the session expires like so

time_left = Devise.timeout_in - (Time.now - user_session["last_request_at"]).round

and display this to the user if required.

# File 'app/controllers/renalware/session_timeout_controller.rb', line 25

def check_session_expired
  skip_authorization # pundit
  if referrer_is_a_devise_url? || !current_users_session_has_timed_out?
    head :ok
  else
    head :unauthorized
  end
end

#keep_session_alive ⇒ `Object`

session_controller.js invoked this action to when there is user activity on the page to update the session window. Note this will keep the session alive because we have NOT invoked skip_timeout before the action, so, like all controller actions, the user’s last_request_at time stamp is updated in their session cookie.

# File 'app/controllers/renalware/session_timeout_controller.rb', line 39

def keep_session_alive
  skip_authorization # pundit
  if referrer_is_a_devise_url? || !current_users_session_has_timed_out?
    head :ok
  else
    head :unauthorized
  end
end