2010-03-31 21:43:19 +02:00
|
|
|
# Each time a record is set we check whether its session has already timed out
|
2009-11-22 23:29:03 -02:00
|
|
|
# or not, based on last request time. If so, the record is logged out and
|
|
|
|
|
# redirected to the sign in page. Also, each time the request comes and the
|
|
|
|
|
# record is set, we set the last request time inside it's scoped session to
|
|
|
|
|
# verify timeout in the following request.
|
2009-11-22 22:19:29 -02:00
|
|
|
Warden::Manager.after_set_user do |record, warden, options|
|
2009-11-24 15:18:42 -02:00
|
|
|
scope = options[:scope]
|
2010-01-14 15:47:14 +01:00
|
|
|
if record && record.respond_to?(:timedout?) && warden.authenticated?(scope)
|
2009-11-24 15:18:42 -02:00
|
|
|
last_request_at = warden.session(scope)['last_request_at']
|
2010-01-14 15:47:14 +01:00
|
|
|
|
|
|
|
|
if record.timedout?(last_request_at)
|
2009-11-24 15:18:42 -02:00
|
|
|
warden.logout(scope)
|
|
|
|
|
throw :warden, :scope => scope, :message => :timeout
|
2009-11-22 22:19:29 -02:00
|
|
|
end
|
2010-01-14 15:47:14 +01:00
|
|
|
|
2009-11-24 15:18:42 -02:00
|
|
|
warden.session(scope)['last_request_at'] = Time.now.utc
|
2009-11-22 22:19:29 -02:00
|
|
|
end
|
|
|
|
|
end
|
