2009-11-22 19:19:29 -05:00
|
|
|
require 'devise/hooks/timeoutable'
|
|
|
|
|
|
|
|
|
|
module Devise
|
|
|
|
|
module Models
|
2009-11-22 20:29:03 -05:00
|
|
|
# Timeoutable takes care of veryfing whether a user session has already
|
|
|
|
|
# expired or not. When a session expires after the configured time, the user
|
|
|
|
|
# will be asked for credentials again, it means, he/she will be redirected
|
|
|
|
|
# to the sign in page.
|
|
|
|
|
#
|
2010-07-15 07:01:31 -04:00
|
|
|
# == Options
|
|
|
|
|
#
|
|
|
|
|
# Timeoutable adds the following options to devise_for:
|
|
|
|
|
#
|
|
|
|
|
# * +timeout_in+: the interval to timeout the user session without activity.
|
|
|
|
|
#
|
|
|
|
|
# == Examples
|
|
|
|
|
#
|
|
|
|
|
# user.timedout?(30.minutes.ago)
|
2009-11-22 20:29:03 -05:00
|
|
|
#
|
2009-11-22 19:19:29 -05:00
|
|
|
module Timeoutable
|
2010-02-17 06:35:38 -05:00
|
|
|
extend ActiveSupport::Concern
|
2009-11-22 19:33:19 -05:00
|
|
|
|
|
|
|
|
# Checks whether the user session has expired based on configured time.
|
2010-01-14 09:47:14 -05:00
|
|
|
def timedout?(last_access)
|
2010-09-29 00:21:07 -04:00
|
|
|
return false if remember_exists_and_not_expired?
|
|
|
|
|
|
2009-11-24 21:11:49 -05:00
|
|
|
last_access && last_access <= self.class.timeout_in.ago
|
2009-11-22 19:19:29 -05:00
|
|
|
end
|
2010-09-29 00:21:07 -04:00
|
|
|
|
|
|
|
|
private
|
|
|
|
|
|
|
|
|
|
def remember_exists_and_not_expired?
|
|
|
|
|
return false unless respond_to?(:remember_expired?)
|
|
|
|
|
|
|
|
|
|
remember_created_at && !remember_expired?
|
|
|
|
|
end
|
|
|
|
|
|
2009-11-22 19:19:29 -05:00
|
|
|
module ClassMethods
|
2009-11-24 21:11:49 -05:00
|
|
|
Devise::Models.config(self, :timeout_in)
|
2009-11-22 19:19:29 -05:00
|
|
|
end
|
|
|
|
|
end
|
|
|
|
|
end
|
|
|
|
|
end
|
