#24 ✓resolved
Deleted User

logged_in_timeout not working

Reported by Deleted User | January 4th, 2009 @ 05:35 PM

class User < ActiveRecord::Base

 acts_as_authentic :logged_in_timeout => 2.minutes

the timeout is not working (with the default of 10.minutes or mine). My app is based on the sample example

Standard application with all user columns

  create_table "users", :force => true do |t|
    t.string   "login",                               :null => false
    t.string   "crypted_password",                    :null => false
    t.string   "password_salt",                       :null => false
    t.string   "persistence_token",                   :null => false
    t.string   "single_access_token",                 :null => false
    t.string   "perishable_token",    :default => "", :null => false
    t.integer  "login_count",         :default => 0,  :null => false
    t.datetime "last_request_at"
    t.datetime "last_login_at"
    t.datetime "current_login_at"
    t.string   "last_login_ip"
    t.string   "current_login_ip"
    t.datetime "created_at"
    t.datetime "updated_at"
    t.string   "email",               :default => "", :null => false

The controllers use

  before_filter :require_user

I'm new to this gem, so it's possible that I missed a crucial configuration !

Regards and Thanks for this great work.


Comments and changes to this ticket

  • Deleted User

    Deleted User January 6th, 2009 @ 05:02 PM

    I have tried with the sample available at http://github.com/binarylogic/au... without success. I'm never logout-out after 10 minutes (default).

    Do I need to add code to this sample ?


  • Ben Johnson

    Ben Johnson January 6th, 2009 @ 05:04 PM

    • State changed from “new” to “resolved”

    It doesnt log you out, its just a way to count how many users are active

  • Deleted User

    Deleted User January 7th, 2009 @ 05:36 PM

    Thanks for your reply.

    So I tride that :

    class UserSession < Authlogic::Session::Base
      # Timeout session in seconds
      SESSION_TIMEOUT=30  # for tests
      before_validation :check_timeout
      # enforce session timeout
      def check_timeout
        return false if @unauthorized_record.last_request_at + SESSION_TIMEOUT < Time.zone.now

    but without success !

    Any idea ?

  • Deleted User

    Deleted User January 7th, 2009 @ 06:26 PM

    Ok read more and tried that :

    class UserSession < Authlogic::Session::Base
      #  remember_me_for 7.days
      # Timeout session in seconds
      SESSION_TIMEOUT=30  # for tests
      before_validation :check_timeout
      # enforce session timeout
      def check_timeout
        if (record and  not authenticating_with_password?)
          errors.add_to_base("Your session has timed out") if @record.last_request_at + SESSION_TIMEOUT < Time.zone.now

    but that don't let me log in. How to NOT check the timeout on the login form ?

    Thanks for your time

  • Ben Johnson

    Ben Johnson January 7th, 2009 @ 06:56 PM

    • State changed from “resolved” to “open”

    I know what you are trying to do, I've been thinking about adding that feature in, so I'll add it in over the next couple of days and update this when its done.

  • Deleted User

    Deleted User January 8th, 2009 @ 06:38 AM

    Good news ! Tell me if I can help in any way .

    Regards Serge

  • Ben Johnson

    Ben Johnson January 9th, 2009 @ 01:50 AM

    • State changed from “open” to “resolved”

    Ok this is all set. Just do:

    class UserSession < Authlogic::Session::Base
    logout_on_timeout true
  • Deleted User

    Deleted User January 9th, 2009 @ 02:45 PM

    Very nice !

    I want change the Flash message in this case to give a specific message. What would be the best way to do it ?


  • Ben Johnson

    Ben Johnson January 12th, 2009 @ 01:00 AM

    Right now there is no way to give a specific error message as to why the session wasn't found. I wanted to treat the find method just like any other ORM library, it returns nil if not found. My suggestion is to have a generic message saying something like "We're sorry, but you must log in before proceeding. Thank you."

  • rajansingh

    rajansingh November 19th, 2018 @ 03:23 PM

    With acts_as_authentic you get a :logged_in_timeout configuration option. If this is set, after this amount of time has passed the user will be marked as logged out. Obviously, since web based apps are on a per request basis, we have to define a time limit threshold that determines when we consider a user to be “logged out”. Meaning, if they login and then leave the website, when do mark them as logged out? I recommend just using this as a fun feature on your website or reports, giving you a ballpark number of users logged in and active. facetime app download This is not meant to be a dead accurate representation of a users logged in state, since there is really no real way to do this with web based apps. Think about a user that logs in and doesn't log out. There is no action that tells you that the user isn't technically still logged in and active.

    That being said, you can use that feature to require a new login if their session timesout. Similar to how financial sites work. Just set this option to true and if your record returns true for stale? then they will be required to log back in.

  • Clarence247

    Clarence247 December 19th, 2018 @ 06:23 AM

    If the user logged in and then made a second request 16 minutes later the cookie would be re-issued for another 30 minutes. If the user logged in and then made a second request 31 minutes later then the user would be prompted to log in mybkexperience.

  • lindarose11

    lindarose11 December 24th, 2018 @ 04:28 AM

    The article you have shared here very awesome. I really like and appreciated your work. I read deeply your article, the points you have mentioned in this article are useful
    gun mayhem 2

  • ravi
  • twithe mason

    twithe mason May 14th, 2019 @ 07:24 PM

    Your primary training and kindness in playing with all things was tremendous. I am not sure what I would have done if I had not come upon such a point like this. It’s possible to now look forward to my future. Thank you so much for this expert and effective guide.
    guarda series streaming ita in cb01 ex cineblog01.

  • mj

    mj August 21st, 2019 @ 12:47 AM

    • Tag cleared.

    Good information. thank you for sharing this بیمه مسافرتی I want to introduce you to the site for traveling. بیمه مسافرتی سامان On-line reservation of the user's flight ticket at different points and having a mobile Internet connection can reserve the desired ticket. خرید بیمه مسافرتی I would love to share articles and receive articles from this author بیمه ارزان مسافرتی Please visit our site. صدور بیمه مسافرتی see this site to Insurance بلیط هواپیما thank you.

  • noah ritter
  • webdesign01

    webdesign01 February 22nd, 2020 @ 04:31 AM

    Our web development company in delhi offers all type of services such as Web Development, Mobile App Development, Software Development, Android App Development, ios and iphone app development according to the requirement of the users for more details you can visit our site.

  • WebDevelopment

    WebDevelopment September 12th, 2020 @ 02:08 AM

    While the significant structure is going on, back-end improvement can be begun, and even some front-end undertakings that tie into the back-finish of the site.

    Report the specialized prerequisites expected to help the practical necessities from the arranging and examination step. Incorporate components, for example, gadgets and programs that must be upheld.

    Choose what advancements will be utilized dependent on the prerequisites and examination from the arranging step.

    Recognize how and where you'll be utilizing back-end frameworks like substance the executives frameworks, request preparing frameworks, databases, and some other specialized prerequisites expected to help the highlights being structured.

    Start making the system of the site with errands, for example, setting up a record structure and making essential layouts that can be refined dependent on the finished plan.

    The two architects and engineers need to approve that the site looks and carries on as planned, however the designers, or analyzers relying upon the group size and make-up, go further than the top layer.

    Is the reaction time worthy?

    How does the site perform under substantial client load?

    Do all the back-end frameworks work how they should when the front-end associates with them?

    Do all the connections work? Do the propelled components work easily and reliably across pages?

    The Website Development Company In Delhi process shouldn't be thorough or excessively severe, especially if your web venture is little or you are simply beginning. Utilizing a consented to process will help keep your groups on-schedule, on-financial plan, and maintain a strategic distance from struggle over misconstrued desires.

  • uzair awan

    uzair awan September 19th, 2020 @ 09:38 AM

    I really loved reading your blog. It was very well authored and easy to undertand. Unlike additional blogs I have read which are really not tht good. I also found your posts very interesting. In fact after reading, I had to go show it to my friend and he ejoyed it as well! how to get cheap facebook likes

  • jacknoname

    jacknoname January 20th, 2021 @ 05:52 AM

    SLOTXO เล่นเกมสล็อตใหญ่แตกเกมสล็อตออนไลน์เล่นผ่านแอพพลิเคชั่นก็สามารถเล่นได้
    โบนัสที่ให้ใหญ่สล็อตออนไลน์ผ่านแอพลิเคชั่นก็สามารถเล่นได้สำหรับท่านที่ต้องการพกพาความสะดวกก็ มีเวลา แอฟเคชันสำหรับทุกเกมส์ให้ท่านโหลดเก็บไว้ในบันทึกได้ในทุกที่ทุกเวลาที่ต้องการโดยไม่กินของมือถือของคุณ ให้คุณสะดวกมากขึ้นกว่าเดิมโปรแกรมเกมส์ที่ถูกออกแบบมาโดยเฉพาะสได้ เปคมือถือไม่ว่าจะเป็นรุ่นเก่ารุ่นใหม่แล้ว ความสนุกก็เกิดขึ้นได้ทุกเวลาเล่นคาสิโนต้องเลือกเว็บที่มีความมั่นคงมีความเร็วและยินดีเราตอบได้สำหรับคอ สิโนออนไลน์เกมส์ SLOTXOG ออนไลน์ ที่มีให้เลือกอย่างจุใจกว่า 200 เกมส์


Please Sign in or create a free account to add a new ticket.

With your very own profile, you can contribute to projects, track your activity, watch tickets, receive and update tickets through your email and much more.

New-ticket Create new ticket

Create your profile

Help contribute to this project by taking a few moments to create your personal profile. Create your profile ยป

Object based authentication solution that handles all of the non sense for you. It's as easy as ActiveRecord is with a database.

People watching this ticket