diff --git a/lib/devise/failure_app.rb b/lib/devise/failure_app.rb
index 54d214a4..08b02568 100644
--- a/lib/devise/failure_app.rb
+++ b/lib/devise/failure_app.rb
@@ -78,7 +78,14 @@ module Devise
 def redirect_url
 if warden_message == :timeout
 flash[:timedout] = true
- attempted_path || scope_path
+
+ path = if request.get?
+ attempted_path
+ else
+ request.referrer
+ end
+
+ path || scope_path
 else
 scope_path
 end
diff --git a/test/integration/timeoutable_test.rb b/test/integration/timeoutable_test.rb
index c5283537..cd1e49a6 100644
--- a/test/integration/timeoutable_test.rb
+++ b/test/integration/timeoutable_test.rb
@@ -45,6 +45,16 @@ class SessionTimeoutTest < ActionDispatch::IntegrationTest
 assert_not warden.authenticated?(:user)
 end
+ test 'time out user session after deault limit time and redirect to latest get request' do
+ user = sign_in_as_user
+ visit edit_form_user_path(user)
+
+ click_button 'Update'
+ sign_in_as_user
+
+ assert_equal edit_form_user_url(user), current_url
+ end
+
 test 'time out is not triggered on sign out' do
 user = sign_in_as_user
 get expire_user_path(user)
diff --git a/test/rails_app/app/controllers/users_controller.rb b/test/rails_app/app/controllers/users_controller.rb
index 4fe52328..d889de69 100644
--- a/test/rails_app/app/controllers/users_controller.rb
+++ b/test/rails_app/app/controllers/users_controller.rb
@@ -8,6 +8,14 @@ class UsersController < ApplicationController
 respond_with(current_user)
 end
+ def edit_form
+ user_session['last_request_at'] = 31.minutes.ago.utc
+ end
+
+ def update_form
+ render :text => 'Update'
+ end
+
 def accept
 @current_user = current_user
 end
diff --git a/test/rails_app/app/views/users/edit_form.html.erb b/test/rails_app/app/views/users/edit_form.html.erb
new file mode 100644
index 00000000..b7a2e31c
--- /dev/null
+++ b/test/rails_app/app/views/users/edit_form.html.erb
@@ -0,0 +1 @@
+<%= button_to 'Update', update_form_user_path(current_user), method: 'put' %>
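Review bot: In `lib/devise/failure_app.rb`, the non-GET branch of `redirect_url` returns `request.referrer` unchecked, and the Referer header is supplied by the client, so it can be an absolute URL on another origin or an empty string. A non-GET request that reaches a timed-out session from another site would be redirected to whatever that header names, which is an unvalidated redirect; an empty value is truthy in Ruby and would also skip the `|| scope_path` fallback. I would keep the header only when it points back at this application, for example `ref = request.referrer.to_s` followed by `ref if ref.start_with?("#{request.base_url}/")`, assuming `request` here exposes Rack's `base_url`, so that anything else falls through to `scope_path`. The method's closing `end` lies outside the hunk.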
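Review bot: The test added to `test/integration/timeoutable_test.rb` covers only a PUT whose Referer is the application's own edit form, so two outcomes of the new branch stay untested: a non-GET request with no Referer, which should fall back to `scope_path`, and one whose Referer names a different host. A case for each would pin down what the failure app does with a header the client controls. The test name also has a typo, `deault` for `default`.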
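Review bot: `edit_form` in the test app's `UsersController` backdates `user_session['last_request_at']` by 31 minutes without saying why; a one-line comment such as `# Backdate the session past the timeout so the PUT submitted from this form is treated as expired.` would make the fixture's purpose clear. The value presumably relies on a 30-minute `timeout_in`, which is worth confirming against the test app's configuration. The class body continues outside the hunk.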
diff --git a/test/rails_app/config/routes.rb b/test/rails_app/config/routes.rb
index 1363d2cd..9496f86c 100644
--- a/test/rails_app/config/routes.rb
+++ b/test/rails_app/config/routes.rb
@@ -1,8 +1,12 @@
 Rails.application.routes.draw do
 # Resources for testing
 resources :users, :only => [:index] do
- get :expire, :on => :member
- get :accept, :on => :member
+ member do
+ get :expire
+ get :accept
+ get :edit_form
+ put :update_form
+ end
 authenticate do
 post :exhibit, :on => :member