Session timeout in rails 3

Hi all,

Iam having a requirement where a user who has logged in to my site is
idle for 5 minutes, then they should automatically redirect back to
login page.

Im using devise. But its timeoutable is not working. I also looked at
using session in config. It also dint help.

Please anyone help me in this.

Hi Angel,
Devise will expire session in the time that you put in
‘config/initializers/devise.rb’ with

config.timeout_in = 5.minutes

but this won’t redirect your app automatically to the login page, so,
you would need some javascript function to solve this. You should try
to implement some like an automatic redirection after expire some time
(minutes, hours, etc)

Here there is some that helped me to solve a task similar as yours.

http://philpalmieri.com/2009/09/jquery-session-auto-timeout-with-prompt/

I hope this helps.

See ya.

Cesar

On Fri, Dec 30, 2011 at 7:40 AM, Csar [email protected] wrote:

 Devise will expire session in the time that you put in

‘config/initializers/devise.rb’ with

config.timeout_in = 5.minutes

but this won’t redirect your app automatically to the login page, so,
you would need some javascript function to solve this.

Alternatively, just include a meta-refresh tag in every page pointing to
your login page, with the appropriate timeout as the refresh interval.


Hassan S. ------------------------ [email protected]
http://about.me/hassanschroeder
twitter: @hassan

On 30 Dec 2011, at 19:54, Robert W. wrote:

pointing to
your login page, with the appropriate timeout as the refresh
interval.

I would also advise planning ahead to remove this “feature” when your
client begs you to, since the users will all hate it.

So true. We were asked this question for some freelance work a few
years back, in fact, they insisted on having that “feature” for
security reasons. It took them exactly one week to beg us to take it
away again. 5 minutes pass so quickly: you have a phone call, you get
a coffee and bump into a colleague,

Best regards

Peter De Berdt

On Fri, Dec 30, 2011 at 11:46 AM, Peter De Berdt
[email protected] wrote:

I would also advise planning ahead to remove this “feature” when your
client begs you to, since the users will all hate it.

So true. We were asked this question for some freelance work a few years
back, in fact, they insisted on having that “feature” for security reasons.
It took them exactly one week to beg us to take it away again. 5 minutes
pass so quickly: you have a phone call, you get a coffee and bump into a
colleague,

But the “how to” remains a valid question, regardless of whether it’s
5 minutes, 30 minutes or 24 hours :slight_smile:


Hassan S. ------------------------ [email protected]
http://about.me/hassanschroeder
twitter: @hassan

Hassan S. wrote in post #1038883:

On Fri, Dec 30, 2011 at 7:40 AM, Csar [email protected] wrote:

 Devise will expire session in the time that you put in

‘config/initializers/devise.rb’ with

config.timeout_in = 5.minutes

but this won’t redirect your app automatically to the login page, so,
you would need some javascript function to solve this.

Alternatively, just include a meta-refresh tag in every page pointing to
your login page, with the appropriate timeout as the refresh interval.

I would also advise planning ahead to remove this “feature” when your
client begs you to, since the users will all hate it.

This forum is not affiliated to the Ruby language, Ruby on Rails framework, nor any Ruby applications discussed here.

| Privacy Policy | Terms of Service | Remote Ruby Jobs