Automatically Expiring Sessions in Rails

May 22nd, 2007

SessionExpiration is plugin that allows you to expire sessions after X seconds of inactivity. Useful for when you want to automatically log out users if they’re idle.

Trac: http://trac.intridea.com/trac/public

Subversion repository: http://svn.intridea.com/svn/public/session_expiration/

Installation: 
script/plugin install http://svn.intridea.com/svn/public/session_expiration

OR

cd vendor/plugins
svn co http://svn.intridea.com/svn/public/session_expiration

Specify when to expire session in your ApplicationController to do it site wide or you can do it for specific controllers:

class ApplicationController
  expire_session_in 5.minutes
end

If you want to run a method when the session expires use this:

class ApplicationController
  expire_session_in 5.minutes, :after_expiration => :some_method

  def some_method
    flash[:notice] = "You have been logged out due to inactivity"
  end
end
Posted by naffis Filed in

4 Responses to “Automatically Expiring Sessions in Rails”

  1. Noah Stern Says:
    July 18th, 2007 at 02:56 PM

    Thanks Dave, we’re giving this a go in our website.

  2. chan huai Says:
    December 29th, 2007 at 02:29 AM

    hi i tried the after_expiration to run some method after expiration but somehow the method was not run. also what if i use this in controller that has beforefilter :loginrequired? since the afterexpiration method was not run, when the session reset and if i click on any pages that required login, i’ll get nil class object for my @currentuser variable.

  3. Muhammad Hassan Says:
    April 24th, 2008 at 12:26 PM

    Thank you for giving this info, I have 2 questions: 1.What is the default session time of Rails (in case I did not use any plugins) 2.How to get user sesssion id?

    Thank you for your help.

    Muhammad Hassan http://www.badrit.com

  4. Fabiola Says:
    August 13th, 2008 at 08:28 PM

    Hey, the plugin is missing!!!

Leave a Reply