2017-12-21 17:36:29 +00:00
|
|
|
# frozen_string_literal: true
|
|
|
|
|
2010-03-31 19:43:19 +00:00
|
|
|
# Each time a record is set we check whether its session has already timed out
|
2009-11-23 01:29:03 +00:00
|
|
|
# or not, based on last request time. If so, the record is logged out and
|
|
|
|
# redirected to the sign in page. Also, each time the request comes and the
|
2011-08-16 20:06:13 +00:00
|
|
|
# record is set, we set the last request time inside its scoped session to
|
2009-11-23 01:29:03 +00:00
|
|
|
# verify timeout in the following request.
|
2009-11-23 00:19:29 +00:00
|
|
|
Warden::Manager.after_set_user do |record, warden, options|
|
2009-11-24 17:18:42 +00:00
|
|
|
scope = options[:scope]
|
2012-06-16 11:24:07 +00:00
|
|
|
env = warden.request.env
|
2010-06-13 10:39:20 +00:00
|
|
|
|
2015-11-02 22:53:09 +00:00
|
|
|
if record && record.respond_to?(:timedout?) && warden.authenticated?(scope) &&
|
|
|
|
options[:store] != false && !env['devise.skip_timeoutable']
|
2009-11-24 17:18:42 +00:00
|
|
|
last_request_at = warden.session(scope)['last_request_at']
|
2014-03-29 01:51:56 +00:00
|
|
|
|
|
|
|
if last_request_at.is_a? Integer
|
|
|
|
last_request_at = Time.at(last_request_at).utc
|
2014-08-05 17:53:51 +00:00
|
|
|
elsif last_request_at.is_a? String
|
|
|
|
last_request_at = Time.parse(last_request_at)
|
2014-03-29 01:51:56 +00:00
|
|
|
end
|
|
|
|
|
2013-11-06 20:07:38 +00:00
|
|
|
proxy = Devise::Hooks::Proxy.new(warden)
|
2010-01-14 14:47:14 +00:00
|
|
|
|
2016-01-22 15:18:57 +00:00
|
|
|
if record.timedout?(last_request_at) &&
|
|
|
|
!env['devise.skip_timeout'] &&
|
|
|
|
!proxy.remember_me_is_active?(record)
|
2013-11-21 15:26:34 +00:00
|
|
|
Devise.sign_out_all_scopes ? proxy.sign_out : proxy.sign_out(scope)
|
2014-02-25 16:42:55 +00:00
|
|
|
throw :warden, scope: scope, message: :timeout
|
2009-11-23 00:19:29 +00:00
|
|
|
end
|
2010-01-14 14:47:14 +00:00
|
|
|
|
2012-06-16 11:24:07 +00:00
|
|
|
unless env['devise.skip_trackable']
|
2014-03-29 01:51:56 +00:00
|
|
|
warden.session(scope)['last_request_at'] = Time.now.utc.to_i
|
2011-10-25 16:43:34 +00:00
|
|
|
end
|
2009-11-23 00:19:29 +00:00
|
|
|
end
|
|
|
|
end
|