* Added the ability to add a last_request_update_allowed? method in y…

…our controller to pragmatically tell Authlogic when and when not to update the last_request_at field in your database. This only takes effect if the method if present.

CHANGELOG.rdoc

@@ -1,3 +1,7 @@
+== 2.0.12
+
+* Added the ability to add a last_request_update_allowed? method in your controller to pragmatically tell Authlogic when and when not to update the last_request_at field in your database. This only takes effect if the method if present.
+
 == 2.0.11 release 2009-4-25
 
 * Fix bug when password is turned off and the SingleAccessToken module calls the after_password_set callback.

README.rdoc

@@ -26,29 +26,29 @@ You can also log out / destroy the session:
 
 == Helpful links
 
-*	<b>Documentation:</b> http://authlogic.rubyforge.org
-*	<b>Repository:</b> http://github.com/binarylogic/authlogic/tree/master
-*	<b>Live example with OpenID "add on":</b> http://authlogicexample.binarylogic.com
-*	<b>Live example repository with tutorial in README:</b> http://github.com/binarylogic/authlogic_example/tree/master
-*	<b>Tutorial: Reset passwords with Authlogic the RESTful way:</b> http://www.binarylogic.com/2008/11/16/tutorial-reset-passwords-with-authlogic
+* <b>Documentation:</b> http://authlogic.rubyforge.org
+* <b>Repository:</b> http://github.com/binarylogic/authlogic/tree/master
+* <b>Live example with OpenID "add on":</b> http://authlogicexample.binarylogic.com
+* <b>Live example repository with tutorial in README:</b> http://github.com/binarylogic/authlogic_example/tree/master
+* <b>Tutorial: Reset passwords with Authlogic the RESTful way:</b> http://www.binarylogic.com/2008/11/16/tutorial-reset-passwords-with-authlogic
 * <b>Bugs / feature suggestions:</b> http://binarylogic.lighthouseapp.com/projects/18752-authlogic
 * <b>Google group:</b> http://groups.google.com/group/authlogic
 
 <b>Before contacting me directly, please read:</b>
 
 If you find a bug or a problem please post it on lighthouse. If you need help with something, please use google groups. I check both regularly and get emails when anything happens, so that is the best place to get help. This also benefits other people in the future with the same questions / problems. Thank you.
 
-== Session bugs (please read if you are having issues with logging in / out)
-
-In some older versions of Rails there is a known issue with sessions using cookie store. This is most likely your problem if you are having trouble logging in / out. This is *not* an Authlogic issue. This can be solved by updating rails or using an alternative session store solution, such as active record store.
-
 == Authlogic "add ons"
 
-*	<b>Authlogic OpenID addon:</b> http://github.com/binarylogic/authlogic_openid
-*	<b>Authlogic LDAP addon:</b> http://github.com/binarylogic/authlogic_ldap
+* <b>Authlogic OpenID addon:</b> http://github.com/binarylogic/authlogic_openid
+* <b>Authlogic LDAP addon:</b> http://github.com/binarylogic/authlogic_ldap
 
 If you create one of your own, please let me know about it so I can add it to this list. Or just fork the project, add your link, and send me a pull request.
 
+== Session bugs (please read if you are having issues with logging in / out)
+
+Apparently there is a bug with apache / passenger for v2.1.X with sessions not working properly. This is most likely your problem if you are having trouble logging in / out. This is *not* an Authlogic issue. This can be solved by updating passener or using an alternative session store solution, such as active record store.
+
 == Documentation explanation
 
 You can find anything you want about Authlogic in the {documentation}, all that you need to do is understand the basic design behind it.

init.rb

@@ -1 +1 @@
-require "authlogic"
+require File.dirname(__FILE__) + "/rails/init.rb"

lib/authlogic/controller_adapters/abstract_adapter.rb

@@ -50,6 +50,14 @@ def single_access_allowed?
         controller.send(:single_access_allowed?)
       end
 
+      def responds_to_last_request_update_allowed?
+        controller.respond_to?(:last_request_update_allowed?, true)
+      end
+
+      def last_request_update_allowed?
+        controller.send(:last_request_update_allowed?)
+      end
+
       private
         def method_missing(id, *args, &block)
           controller.send(id, *args, &block)

lib/authlogic/session/magic_columns.rb

@@ -61,8 +61,24 @@ def update_info
             end
           end
 
-          def set_last_request_at?
-            record && record.class.column_names.include?("last_request_at") && (record.last_request_at.blank? || last_request_at_threshold.to_i.seconds.ago >= record.last_request_at)
+          # This method lets authlogic know whether it should allow the last_request_at field to be updated
+          # with the current time (Time.now). One thing to note here is that it also checks for the existence of a
+          # last_request_update_allowed? method in your controller. This allows you to control this method pragmatically
+          # in your controller.
+          #
+          # For example, what if you had a javascript function that polled the server updating how much time is left in their
+          # session before it times out. Obviously you would want to ignore this request, because then the user would never time out.
+          # So you can do something like this in your controller:
+          #
+          #   def last_request_update_allowed?
+          #     action_name =! "update_session_time_left"
+          #   end
+          #
+          # You can do whatever you want with that method.
+          def set_last_request_at? # :doc:
+            return false if !record || !klass.column_names.include?("last_request_at")
+            return controller.last_request_update_allowed? if controller.responds_to_last_request_update_allowed?
+            record.last_request_at.blank? || last_request_at_threshold.to_i.seconds.ago >= record.last_request_at
           end
 
           def set_last_request_at