#160 new
Alex Rice

session is never marked as stale?

Reported by Alex Rice | December 16th, 2009 @ 08:21 PM

Hi, thanks for authlogic. It's a joy to work with so far. I can't seem to get sessions to timeout though. The session objects never return true for stale. Perhaps the reason is the last_request_at columnn is getting set to like 7 hours in the future! Which is kind of strange. The time is correct on both the server and my web browser machine.

my rails console log at 6:11PM on 12/16
UPDATE users SET last_request_at = '2009-12-17 01:11:07', perishable_token = 'fZ9H7TbR7WmKP1aIgmvy' WHERE id = 1

Rails 2.3.3
authlogic 2.1.3

user_session.rb

class UserSession < Authlogic::Session::Base
logout_on_timeout = true end

user.rb

acts_as_authentic do |c|

c.logged_in_timeout = 1.minute

end

application_controller.rb

def current_user_session

if not defined?(@current_user_session)
  @current_user_session = UserSession.find
end

if @current_user_session
  logger.error "current_user_session stale = %s" % @current_user_session.stale?
end
if @current_user_session and 
    @current_user_session.user and 
    @current_user_session.stale?
  flash[:notice] = 'Your last login has timed out.';
  redirect_to new_user_session_url
  return false
end
return @current_user_session

end

Comments and changes to this ticket

Please Sign in or create a free account to add a new ticket.

With your very own profile, you can contribute to projects, track your activity, watch tickets, receive and update tickets through your email and much more.

New-ticket Create new ticket

Create your profile

Help contribute to this project by taking a few moments to create your personal profile. Create your profile ยป

Object based authentication solution that handles all of the non sense for you. It's as easy as ActiveRecord is with a database.

People watching this ticket

Pages