mirror of
https://github.com/heartcombo/devise.git
synced 2022-11-09 12:18:31 -05:00
Making sure timeoutable respects rememberable if both are loaded.
This commit is contained in:
Pat Allan
José Valim
parent
fbb77a6edd
commit
16c39a9f17
2 changed files with 21 additions and 2 deletions
|
|
@ -22,9 +22,19 @@ module Devise
|
||||||
|
|
||||||
# Checks whether the user session has expired based on configured time.
|
# Checks whether the user session has expired based on configured time.
|
||||||
def timedout?(last_access)
|
def timedout?(last_access)
|
||||||
|
return false if remember_exists_and_not_expired?
|
||||||
|
|
||||||
last_access && last_access <= self.class.timeout_in.ago
|
last_access && last_access <= self.class.timeout_in.ago
|
||||||
end
|
end
|
||||||
|
|
||||||
|
private
|
||||||
|
|
||||||
|
def remember_exists_and_not_expired?
|
||||||
|
return false unless respond_to?(:remember_expired?)
|
||||||
|
|
||||||
|
remember_created_at && !remember_expired?
|
||||||
|
end
|
||||||
|
|
||||||
module ClassMethods
|
module ClassMethods
|
||||||
Devise::Models.config(self, :timeout_in)
|
Devise::Models.config(self, :timeout_in)
|
||||||
end
|
end
|
||||||
|
|
|
||||||
|
|
@ -77,4 +77,13 @@ class SessionTimeoutTest < ActionController::IntegrationTest
|
||||||
end
|
end
|
||||||
end
|
end
|
||||||
|
|
||||||
|
test 'time out not triggered if remembered' do
|
||||||
|
user = sign_in_as_user :remember_me => true
|
||||||
|
get expire_user_path(user)
|
||||||
|
assert_not_nil last_request_at
|
||||||
|
|
||||||
|
get users_path
|
||||||
|
assert_response :success
|
||||||
|
assert warden.authenticated?(:user)
|
||||||
|
end
|
||||||
end
|
end
|
||||||
|
|
|
||||||
Loading…
Reference in a new issue