auto_session_timeout value keeps going up

pelargir / auto-session-timeout

Provides automatic session timeout in a Rails application.

MIT License

126 stars 63 forks source link

auto_session_timeout value keeps going up #6

Closed allaire closed 4 years ago

allaire commented 8 years ago

Hi,

If I don't set auto_session_timeout to the same frequency of the JS ping to /active, the session[:auto_session_expires_at] just keep going up and is never reached, even if no action is happening.

Any idea?

allaire commented 8 years ago

The frequency is always added to the value, making the expires_at always bigger

allaire commented 8 years ago

@pelargir found the issue, it was caused by a get parameter (locale) which prevented the unless start_with? to trigger.

I have overwrite the route in my controller to remove the param:

  # Bypass c.request.original_url.start_with?(c.send(:active_url)) because of locale
  def active_url(options = {})
    options[:locale] = nil
    super(options)
  end

Maybe we should ignore get parameters right in the unless statement?

pelargir commented 8 years ago

This could be a regression due to a newer version of Rails. I originally wrote the gem to work with Rails 3. Which version are you using?

pelargir commented 4 years ago

@allaire I'm pretty sure #26 fixed this. Make sure you're scoping the auto timeout routes with the locale in routes.rb to ensure they include the locale when they get used in the JS helper:

  scope '(:locale)' do
    get 'active'  => 'users#active'
    get 'timeout' => 'users#timeout'
  end

If this is still happening for you, please reopen this issue.