What’s the best practice for implementing session timeouts? Or is
there a gem for this functionality? I remember seeing one several
months ago but it appears that it’s no longer available.
Gavin
I wrote a simple cron job that just runs once a day, and expires any
session older than a week.
In an ideal world, any session that is not used in more than N hours
should be considered stale, and require a login. I’m not certain how
to implement this yet.
–Michael
On Wed, 2007-10-17 at 10:19 -0500, Michael G. wrote:
I wrote a simple cron job that just runs once a day, and expires any
session older than a week.In an ideal world, any session that is not used in more than N hours
should be considered stale, and require a login. I’m not certain how
to implement this yet.
MY_RAILS_ROOT/lib/session_cleaner.rb
(my sessions are in Active Record)
class SessionCleaner
def self.remove_stale_sessions
CGI::Session::ActiveRecordStore::Session
Session.destroy_all( [‘updated_at < ?’, 30.minutes.ago] )
end
end
I have a cron script that runs every 5 minutes…
*/5 * * * * /usr/bin/ruby MY_RAILS_ROOT/script/runner -e production
SessionCleaner.remove_stale_sessions > /dev/null 2>&1
season to taste
Craig
What’s the best practice for implementing session timeouts?
Check out Rails’ sweepers