module Devise::Models::SessionExpirable

SessionExpirable verifies whether a user session has expired via the #session_expired? method.

Options

SessionExpirable adds the following options to devise_for:

Examples

user.session_expired?(30.minutes.ago)

Public Instance Methods

default_last_request_at() click to toggle source
# File lib/devise_session_expirable/model.rb, line 46
def default_last_request_at
  self.class.default_last_request_at
end
session_expired?(last_access) click to toggle source

Accepts the time a session was last used and compares it to the oldest valid last_request_at date for a session. If nil or any other falsy value is passed and the default_last_request_at option is configured, the configured value will be used for the comparison.

Supports the Devise rememberable module by deferring to #remember_expired? if the remember_created_at attribute is set.

# File lib/devise_session_expirable/model.rb, line 36
def session_expired?(last_access)
  last_access ||= default_last_request_at
  return false if remember_exists_and_not_expired?
  !timeout_in.nil? && (!last_access || last_access <= timeout_in.ago)
end
timeout_in() click to toggle source
# File lib/devise_session_expirable/model.rb, line 42
def timeout_in
  self.class.timeout_in
end