Skip to content
This repository

HTTPS clone URL

Subversion checkout URL

You can clone with HTTPS or Subversion.

Download ZIP

idle session timeout for rails on per controller base

branch: master

Fetching latest commit…

Octocat-spinner-32-eaf2f5

Cannot retrieve the latest commit at this time

Octocat-spinner-32 lib
Octocat-spinner-32 spec
Octocat-spinner-32 .gitignore
Octocat-spinner-32 MIT-LICENSE
Octocat-spinner-32 Mavenfile
Octocat-spinner-32 README.textile
Octocat-spinner-32 ixtlan-session-timeout.gemspec
Octocat-spinner-32 ixtlan-session-timeout.gemspec.files
README.textile

Rails Idle Session Timeout

when you deal with privacy related data during a session then it is important to timeout these session since it happens to often that a session stays open. there a lot of examples how to “reuse” an open session.

sometimes it is nessecary to have different timeout for different parts of the system. you can do this with

class MyController
  def idle_session_timeout
    Configuration.instance.user_idle_session_timeout
  end
  . . . 
end 

or you want to bind your admin session to the IP of the admin:

class MyAdminController
  before_filter :check_session_ip_binding  
  . . . 
end 

or you do not want any session timeout

class MyAdminController
  skip_before_filter :check_session
  . . . 
end 

install

in Gemfile add gem ‘ixtlan-session-timeout’

for the configuration add for example in config/initializers/session-timeout.rb. without that the default idle timeout is 15 minutes.

Rails.application.config.idle_session_timeout = 30 #minutes

relation to ixtlan gem

the ixtlan gem provides a setup generator which adds configuration examples for this gem in config/initializer/ixtlan.rb (the dynamic configuration is part of the ixtlan gem and it is just easier to keep that inside that gem !!!)

relation to ixtlan-audit gem

if that gem is present and loaded than any timeout will be log with the help of Ixtlan::Audit::UserLogger

Something went wrong with that request. Please try again.