This repository is private.
All pages are served over SSL and all pushing and pulling is done over SSH.
No one may fork, clone, or view it unless they are added as a member.
Every repository with this icon (
) is private.
Every repository with this icon (
) is private.
This repository is public.
Anyone may fork, clone, or view it.
Every repository with this icon () is public.
Every repository with this icon (
) is public.
| Description: | Provides automatic session timeout in a Rails application. |
| Homepage: | http://matthewbass.com/2009/06/03/auto-timeout-sessions-in-rails/ |
| Clone URL: | git://github.com/pelargir/auto-session-timeout.git |
Matthew (author)
Sat Aug 22 06:05:40 -0700 2009
| name | age | message | |
|---|---|---|---|
 |
.gitignore | Sat Aug 22 06:05:40 -0700 2009 | |
| |
CHANGELOG | Wed Apr 22 04:41:31 -0700 2009 | |
| |
MIT-LICENSE | Wed Apr 22 04:41:31 -0700 2009 | |
| |
README | Wed Jun 03 17:08:06 -0700 2009 | |
| |
Rakefile | Wed Apr 22 07:15:43 -0700 2009 | |
| |
auto_session_timeout.gemspec | Sat Aug 22 06:05:40 -0700 2009 | |
| |
init.rb | Wed Apr 22 07:15:43 -0700 2009 | |
 |
lib/ | Wed Jun 03 16:57:53 -0700 2009 | |
| |
test/ | Wed Apr 22 14:59:23 -0700 2009 |
README
= auto-session-timeout
Provides automatic session timeout in a Rails application. Very easy
to install and configure. Have you ever wanted to force your users
off your app if they go idle for a certain period of time? Many
online banking sites use this technique. If your app is used on any
kind of public computer system, this plugin is a necessity.
== Installation
Install the gem directly:
sudo gem install pelargir-auto-session-timeout --source=http://gems.github.com
Or install the gem in your Rails project:
script/plugin install git://github.com/pelargir/auto-session-timeout.git
Or clone the project:
git clone git://github.com/pelargir/auto-session-timeout.git
== Usage
After installing, tell your application controller to use auto timeout:
class ApplicationController < ActionController::Base
auto_session_timeout 1.hour
...
end
You will also need to insert this line inside the <body></body> tags in
your views. The easiest way to do this is to insert it once inside your
default or application-wide layout. Make sure you are only rendering
it if the user is logged in, otherwise the plugin will attempt to force
non-existent sessions to timeout, wreaking havoc:
<html>
<head>...</head>
<body>
<% if logged_in? -%>
<%= auto_session_timeout_js %>
<% end -%>
...
</body>
</html>
You need to setup two actions: one to return the session status and
another that runs when the session times out. You can use the default
actions included with the plugin by inserting this line in your target
controller (most likely your user or session controller):
class SessionsController < ApplicationController
auto_session_timeout_actions
...
end
To customize the default actions, simply override them. You can call
the render_session_status and render_session_timeout methods to use
the default implementation from the plugin, or you can define the
actions entirely with your own custom code:
class SessionsController < ApplicationController
def active
render_session_status
end
def timeout
render_session_timeout
end
...
end
In any of these cases, make sure to properly map the actions in
your routes.rb file:
map.active '/active', :controller => 'sessions', :action => 'active'
map.timeout '/timeout', :controller => 'sessions', :action => 'timeout'
You're done! Enjoy watching your sessions automatically timeout.
== Additional Configuration
By default, the JavaScript code checks the server every 60 seconds for
active sessions. If you prefer that it check more frequently, pass a
frequency attribute to the helper method. The frequency is given in
seconds. The following example checks the server every 15 seconds:
<html>
<head>...</head>
<body>
<% if logged_in? -%>
<%= auto_session_timeout_js :frequency => 15 %>
<% end -%>
...
</body>
</html>
== Resources
Repository: http://github.com/pelargir/auto-session-timeout/
Blog: http://matthewbass.com
Author: Matthew Bass
