I am using the following code (inspired by one of the books) to check if
the user’s session should have timed out.
Check to see if the user has been inactive for longer than the
expiry period. If they have, reset the session.
def check_timeout
if session[:expires_at] != nil
@time_left = (session[:expires_at] - Time.now).to_i
unless @time_left > 0
reset_session
# TODO - This flash is never shown, because we redirect maybe?
flash[:error] = ‘Your session has timed out, please login to
continue.’
redirect_to :controller => ‘security’, :action => ‘login’ and
return false
end
end
end
However, the flash is never shown. The view includes the correct code
and a flash is shown if the user enters an incorrect username/password.
At one point, the flash did work (before I changed some code) but I have
no idea what actually broke it.
The same happens for the logout event, which simply calls reset_session,
sets the flash then redirects as above (in that order, so I’m not wiping
the flash out from the session I hope).
Is there any reason that the flash wouldn’t be shown?
Cheers.