You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
This gem is able to logout a user after a period of inactivity that is configured with the config.timeout_in parameter.
In some applications it is required to logout a user after a fixed length of time, for security reason, no matter the user is active or not, which is not supported by this gem as far as I can see.
The Timeoutable class could be extended with a new optional parameter (similar to the timeout_in one) or by changing the behavior of the timeout_in parameter:
when it is an Integer or a String, it keeps the current behavior
when it is a Hash:
the inactivity key configures the inactivity timeout
the max key (or max_duration if better?) configures the new feature, login out the user when the session length is greater
Not sure about the name, I'm not good at naming things, sorry.
Of course, like the timeout_in works today, when this new parameter, or the max key is not set or nil, the feature is disabled.
A new warden session column would save the login time, which would be used to mesure the current session length and logout the user when its session length is greater than the given one.
In my eyes that look quite easy to test, and to implement since it is quite similar to the existing timeout feature.
The text was updated successfully, but these errors were encountered:
This gem is able to logout a user after a period of inactivity that is configured with the
config.timeout_inparameter.In some applications it is required to logout a user after a fixed length of time, for security reason, no matter the user is active or not, which is not supported by this gem as far as I can see.
The
Timeoutableclass could be extended with a new optional parameter (similar to thetimeout_inone) or by changing the behavior of thetimeout_inparameter:Integeror aString, it keeps the current behaviorHash:inactivitykey configures the inactivity timeoutmaxkey (ormax_durationif better?) configures the new feature, login out the user when the session length is greaterNot sure about the name, I'm not good at naming things, sorry.
Of course, like the
timeout_inworks today, when this new parameter, or themaxkey is not set ornil, the feature is disabled.A new warden session column would save the login time, which would be used to mesure the current session length and logout the user when its session length is greater than the given one.
In my eyes that look quite easy to test, and to implement since it is quite similar to the existing timeout feature.
The text was updated successfully, but these errors were encountered: