i working on rails 4, 1 of application using devise authentication process. working , want 1 thing. after user signed in session persist 1 day or until user pressed sign out button. example if logged in on 8th march 2015 10am automatically destroy session on 9th march 2015 10am though working on time.
devise :timeoutable, :timeout_in => 24.hours i used devise timeoutable(above code) taking 24 hours of inactivity.
config.timeout_in = 24.hours in devise.rb tried configure went vain again taking user inactivity. if knows better idea or code please share me. information needed add comment edit question. in advance.
timeout_in description in devise.rb configuration file says:
the time want timeout user session without activity. after time user asked credentials again.
so not time since login, time since last user activity. not want.
to create sessions last x hours, create before_action filter in applicationcontroller compares current_sign_in_at time of user current time. (not tested):
# in controllers/application_controller.rb before_action :check_max_session_time def check_max_session_time redirect_to destroy_user_session_path if current_user.current_sign_in_at + 24.hours < time.now end the timeout_in configuration should still 24.hours, otherwise users logged out earlier.
Comments
Post a Comment