I am using the following code (inspired by one of the books) to check if
the user’s session should have timed out.
Check to see if the user has been inactive for longer than the
expiry period. If they have, reset the session.
if session[:expires_at] != nil
@time_left = (session[:expires_at] - Time.now).to_i
unless @time_left > 0
# TODO - This flash is never shown, because we redirect maybe?
flash[:error] = ‘Your session has timed out, please login to
redirect_to :controller => ‘security’, :action => ‘login’ and
However, the flash is never shown. The view includes the correct code
and a flash is shown if the user enters an incorrect username/password.
At one point, the flash did work (before I changed some code) but I have
no idea what actually broke it.
The same happens for the logout event, which simply calls reset_session,
sets the flash then redirects as above (in that order, so I’m not wiping
the flash out from the session I hope).
Is there any reason that the flash wouldn’t be shown?