#50 new
sbwoodside

Doesn't appear to be any facility for session expiry/timeout, setting how long

Reported by sbwoodside | May 25th, 2009 @ 11:31 PM

There doesn't seem to be any way to set how long a user may be inactive before their session will expire / timeout, or even if this occurs. I looked at the rspecs and all I could find was the remember me feature, which seems to be for much extended periods. That implies that there is a normally shorter timeout, but where is it, how do I set it, do I need a before_filter for it, and where is it tested?

Comments and changes to this ticket

Please Sign in or create a free account to add a new ticket.

With your very own profile, you can contribute to projects, track your activity, watch tickets, receive and update tickets through your email and much more.

New-ticket Create new ticket

Create your profile

Help contribute to this project by taking a few moments to create your personal profile. Create your profile ยป

Restful Authentication Generator

This widely-used plugin provides a foundation for securely managing user
authentication:
* Login / logout
* Secure password handling
* Account activation by validating email
* Account approval / disabling by admin
* Rudimentary hooks for authorization and access control.

http://github.com/technoweenie/restful-authentication/tree

People watching this ticket

Pages