From a88731bb9397bcf85fea04377fd87a2020ec062a Mon Sep 17 00:00:00 2001 From: Carlos Antonio da Silva Date: Mon, 23 Nov 2009 22:56:04 -0200 Subject: [PATCH] Adding i18n flash message when session is expired. --- lib/devise.rb | 2 +- lib/devise/hooks/timeoutable.rb | 5 +--- lib/devise/locales/en.yml | 1 + test/integration/timeoutable_test.rb | 37 +++++++++++++++++++--------- 4 files changed, 28 insertions(+), 17 deletions(-) diff --git a/lib/devise.rb b/lib/devise.rb index 6b01b25d..94d6fce7 100644 --- a/lib/devise.rb +++ b/lib/devise.rb @@ -14,7 +14,7 @@ module Devise # Maps the messages types that are used in flash message. This array is not # frozen, so you can add messages from your own strategies. - FLASH_MESSAGES = [ :unauthenticated, :unconfirmed, :invalid ] + FLASH_MESSAGES = [ :unauthenticated, :unconfirmed, :invalid, :timeout ] # Declare encryptors length which are used in migrations. ENCRYPTORS_LENGTH = { diff --git a/lib/devise/hooks/timeoutable.rb b/lib/devise/hooks/timeoutable.rb index bb906c59..019e6be0 100644 --- a/lib/devise/hooks/timeoutable.rb +++ b/lib/devise/hooks/timeoutable.rb @@ -6,10 +6,7 @@ Warden::Manager.after_set_user do |record, warden, options| if record.present? && record.respond_to?(:timeout?) scope = options[:scope] - # Current record may have already be logged out by another hook. - # For instance, Devise confirmable hook may have logged the record out. - # TODO: is it possible to move this check to warden? - # It should stop the hooks if the record is logged out by any of them. + # Record may have already been logged out by another hook (ie confirmable). if warden.authenticated?(scope) last_request_at = warden.session(scope)['last_request_at'] if record.timeout?(last_request_at) diff --git a/lib/devise/locales/en.yml b/lib/devise/locales/en.yml index 080f5973..5fc6899e 100644 --- a/lib/devise/locales/en.yml +++ b/lib/devise/locales/en.yml @@ -6,6 +6,7 @@ en: unauthenticated: 'You need to sign in or sign up before continuing.' unconfirmed: 'You have to confirm your account before continuing.' invalid: 'Invalid email or password.' + timeout: 'Your session expired, please sign in again to continue.' passwords: send_instructions: 'You will receive an email with instructions about how to reset your password in a few minutes.' updated: 'Your password was changed successfully. You are now signed in.' diff --git a/test/integration/timeoutable_test.rb b/test/integration/timeoutable_test.rb index 8046b723..8ee8436e 100644 --- a/test/integration/timeoutable_test.rb +++ b/test/integration/timeoutable_test.rb @@ -15,6 +15,18 @@ class SessionTimeoutTest < ActionController::IntegrationTest assert_not_equal old_last_request, last_request_at end + test 'not time out user session before default limit time' do + user = sign_in_as_user + + # Setup last_request_at to timeout + get edit_user_path(user) + assert_not_nil last_request_at + + get users_path + assert_response :success + assert warden.authenticated?(:user) + end + test 'time out user session after default limit time' do sign_in_as_user assert_response :success @@ -29,18 +41,6 @@ class SessionTimeoutTest < ActionController::IntegrationTest assert_not warden.authenticated?(:user) end - test 'not time out user session before default limit time' do - user = sign_in_as_user - - # Setup last_request_at to timeout - get edit_user_path(user) - assert_not_nil last_request_at - - get users_path - assert_response :success - assert warden.authenticated?(:user) - end - test 'user configured timeout limit' do swap Devise, :timeout => 8.minutes do user = sign_in_as_user @@ -57,4 +57,17 @@ class SessionTimeoutTest < ActionController::IntegrationTest end end + test 'error message with i18n' do + store_translations :en, :devise => { + :sessions => { :user => { :timeout => 'Session expired!' } } + } do + sign_in_as_user + # Setup last_request_at to timeout + get new_user_path + get users_path + follow_redirect! + assert_contain 'Session expired!' + end + end + end