Doesn't appear to be any facility for session expiry/timeout, setting how long
Reported by sbwoodside | May 25th, 2009 @ 11:31 PM
There doesn't seem to be any way to set how long a user may be inactive before their session will expire / timeout, or even if this occurs. I looked at the rspecs and all I could find was the remember me feature, which seems to be for much extended periods. That implies that there is a normally shorter timeout, but where is it, how do I set it, do I need a before_filter for it, and where is it tested?
Comments and changes to this ticket
-
Rick June 2nd, 2009 @ 12:25 PM
The plugin stores the user auth data in the rails session, so there's no configuration or testing in the plugin itself.
http://www.quarkruby.com/2007/10/21/sessions-and-cookies-in-ruby-on...
Please Sign in or create a free account to add a new ticket.
With your very own profile, you can contribute to projects, track your activity, watch tickets, receive and update tickets through your email and much more.
Create your profile
Help contribute to this project by taking a few moments to create your personal profile. Create your profile ยป
Restful Authentication Generator
This widely-used plugin provides a foundation for securely managing user
authentication:
* Login / logout
* Secure password handling
* Account activation by validating email
* Account approval / disabling by admin
* Rudimentary hooks for authorization and access control.
http://github.com/technoweenie/restful-authentication/tree