#24 ✓resolved
net1957

logged_in_timeout not working

Reported by net1957 | January 4th, 2009 @ 05:35 PM


class User < ActiveRecord::Base

 acts_as_authentic :logged_in_timeout => 2.minutes
end

the timeout is not working (with the default of 10.minutes or mine). My app is based on the sample example

Standard application with all user columns


  create_table "users", :force => true do |t|
    t.string   "login",                               :null => false
    t.string   "crypted_password",                    :null => false
    t.string   "password_salt",                       :null => false
    t.string   "persistence_token",                   :null => false
    t.string   "single_access_token",                 :null => false
    t.string   "perishable_token",    :default => "", :null => false
    t.integer  "login_count",         :default => 0,  :null => false
    t.datetime "last_request_at"
    t.datetime "last_login_at"
    t.datetime "current_login_at"
    t.string   "last_login_ip"
    t.string   "current_login_ip"
    t.datetime "created_at"
    t.datetime "updated_at"
    t.string   "email",               :default => "", :null => false
  end

The controllers use


  before_filter :require_user

I'm new to this gem, so it's possible that I missed a crucial configuration !

Regards and Thanks for this great work.

Serge

Comments and changes to this ticket

  • net1957

    net1957 January 6th, 2009 @ 05:02 PM

    I have tried with the sample available at http://github.com/binarylogic/au... without success. I'm never logout-out after 10 minutes (default).

    Do I need to add code to this sample ?

    Serge

  • Ben Johnson

    Ben Johnson January 6th, 2009 @ 05:04 PM

    • State changed from “new” to “resolved”

    It doesnt log you out, its just a way to count how many users are active

  • net1957

    net1957 January 7th, 2009 @ 05:36 PM

    Thanks for your reply.

    So I tride that :

    
    class UserSession < Authlogic::Session::Base
      # Timeout session in seconds
      SESSION_TIMEOUT=30  # for tests
    
      before_validation :check_timeout
    
      private
    
      # enforce session timeout
      def check_timeout
        return false if @unauthorized_record.last_request_at + SESSION_TIMEOUT < Time.zone.now
    
      end
    
    end
    

    but without success !

    Any idea ?

  • net1957

    net1957 January 7th, 2009 @ 06:26 PM

    Ok read more and tried that :

    
    class UserSession < Authlogic::Session::Base
      #  remember_me_for 7.days
    
      # Timeout session in seconds
      SESSION_TIMEOUT=30  # for tests
    
      before_validation :check_timeout
    
      private
    
      # enforce session timeout
      def check_timeout
        if (record and  not authenticating_with_password?)
          errors.add_to_base("Your session has timed out") if @record.last_request_at + SESSION_TIMEOUT < Time.zone.now
        end
      end
    
    end
    

    but that don't let me log in. How to NOT check the timeout on the login form ?

    Thanks for your time

  • Ben Johnson

    Ben Johnson January 7th, 2009 @ 06:56 PM

    • State changed from “resolved” to “open”

    I know what you are trying to do, I've been thinking about adding that feature in, so I'll add it in over the next couple of days and update this when its done.

  • net1957

    net1957 January 8th, 2009 @ 06:38 AM

    Good news ! Tell me if I can help in any way .

    Regards Serge

  • Ben Johnson

    Ben Johnson January 9th, 2009 @ 01:50 AM

    • State changed from “open” to “resolved”

    Ok this is all set. Just do:

    class UserSession < Authlogic::Session::Base
    logout_on_timeout true
    end
    
  • net1957

    net1957 January 9th, 2009 @ 02:45 PM

    Very nice !

    I want change the Flash message in this case to give a specific message. What would be the best way to do it ?

    Serge

  • Ben Johnson

    Ben Johnson January 12th, 2009 @ 01:00 AM

    Right now there is no way to give a specific error message as to why the session wasn't found. I wanted to treat the find method just like any other ORM library, it returns nil if not found. My suggestion is to have a generic message saying something like "We're sorry, but you must log in before proceeding. Thank you."

  • Protar Smith
  • sdasfdf

    sdasfdf September 2nd, 2018 @ 03:07 PM

    Thanks for sharing.I found a lot of interesting information here. A really good post, very thankful and hopeful that you will write many more posts like this one.
    panda helper Download
    emu4ios Download
    gbwhatsapp Download

Please Sign in or create a free account to add a new ticket.

With your very own profile, you can contribute to projects, track your activity, watch tickets, receive and update tickets through your email and much more.

New-ticket Create new ticket

Create your profile

Help contribute to this project by taking a few moments to create your personal profile. Create your profile ยป

Object based authentication solution that handles all of the non sense for you. It's as easy as ActiveRecord is with a database.

People watching this ticket

Tags

Pages