module Devise::Models::SessionExpirable
SessionExpirable
verifies whether a user session has expired via the #session_expired?
method.
Options¶ ↑
SessionExpirable
adds the following options to devise_for:
-
timeout_in
: lifetime in seconds of an inactive user session -
default_last_request_at
: age to assume for sessions with nillast_request_at
Examples¶ ↑
user.session_expired?(30.minutes.ago)
Public Instance Methods
default_last_request_at()
click to toggle source
# File lib/devise_session_expirable/model.rb, line 46 def default_last_request_at self.class.default_last_request_at end
session_expired?(last_access)
click to toggle source
Accepts the time a session was last used and compares it to the oldest valid last_request_at
date for a session. If nil or any other falsy value is passed and the default_last_request_at
option is configured, the configured value will be used for the comparison.
Supports the Devise
rememberable
module by deferring to #remember_expired?
if the remember_created_at
attribute is set.
# File lib/devise_session_expirable/model.rb, line 36 def session_expired?(last_access) last_access ||= default_last_request_at return false if remember_exists_and_not_expired? !timeout_in.nil? && (!last_access || last_access <= timeout_in.ago) end
timeout_in()
click to toggle source
# File lib/devise_session_expirable/model.rb, line 42 def timeout_in self.class.timeout_in end