Session Timeout - Best Practice or Gem?

What’s the best practice for implementing session timeouts? Or is
there a gem for this functionality? I remember seeing one several
months ago but it appears that it’s no longer available.

Gavin

I wrote a simple cron job that just runs once a day, and expires any
session older than a week.

In an ideal world, any session that is not used in more than N hours
should be considered stale, and require a login. I’m not certain how
to implement this yet.

–Michael

On Wed, 2007-10-17 at 10:19 -0500, Michael G. wrote:

I wrote a simple cron job that just runs once a day, and expires any
session older than a week.

In an ideal world, any session that is not used in more than N hours
should be considered stale, and require a login. I’m not certain how
to implement this yet.


MY_RAILS_ROOT/lib/session_cleaner.rb

(my sessions are in Active Record)

class SessionCleaner
def self.remove_stale_sessions
CGI::Session::ActiveRecordStore::Session
Session.destroy_all( [‘updated_at < ?’, 30.minutes.ago] )
end
end

I have a cron script that runs every 5 minutes…

*/5 * * * * /usr/bin/ruby MY_RAILS_ROOT/script/runner -e production
SessionCleaner.remove_stale_sessions > /dev/null 2>&1

season to taste

Craig

What’s the best practice for implementing session timeouts?

Check out Rails’ sweepers

This forum is not affiliated to the Ruby language, Ruby on Rails framework, nor any Ruby applications discussed here.

| Privacy Policy | Terms of Service | Remote Ruby Jobs