How can AuthLogic be configured to only timeout sessions for certain users (admins)?

Question

We have a business requirement that some users be automatically logged out of our application after a period of inactivity. Other users are allowed to stay logged in and should not timeout. We are using AuthLogic with Rails 3 for session management.

How can I have AuthLogic sessions timeout for some users, but not others?

John Naegle · Accepted Answer · 2012-06-14T18:40:53.453

1

User must have a last_request_at column, then add this to the UserSessions model. You can perform whatever check you like in stale? Here the timeout only occurs for administrators.

logout_on_timeout true

def stale?
  user.present? && user.admin? && super
end

edited Jun 14 '12 at 18:40

answered Jun 14 '12 at 18:35

John Naegle

8,077
3
38
47

How can AuthLogic be configured to only timeout sessions for certain users (admins)?

1 Answers1