Walter Davis wrote in post #1054653:
> GIYF:
>
> Search term was 'rails session config', second result seems to indicate
> that this expire_after option is no longer in the Active Record Session:
>
> http://stackoverflow.com/questions/5860950/setting-session-timeout-in-rails-3
>
> Walter
Thanks for the reply Walter, but I ended up testing another route by
going to the session_store.rb and placing in:
MyApplication::Application.config.session_store :active_record_store,
:key => '_my_key', :expire_after => 2.hours
which allowed me to use the database instead. I then ran:
bundle exec rake db:sessions:create
bundle exec rake db:migrate
And, after logging into IE and into Firefox, the sessions hold after the
browser is closed. I looked at the cookies with Firecookie and saw the
following:
_my_key Expires: Timestamp with 2 hours later
So, the expire_after works fine with Rails 3.0.10 which is what I'm
using now. I just have to create a sweep routine to clean up the
database when necessary;
(per ruby on rails guides - section 2.9 session expiry)
http://guides.rubyonrails.org/security.html#sessions
--
Posted via http://www.ruby-forum.com/.
--
You received this message because you are subscribed to the Google Groups "Ruby on Rails: Talk" group.
To post to this group, send email to rubyonrails-talk@googlegroups.com.
To unsubscribe from this group, send email to rubyonrails-talk+unsubscribe@googlegroups.com.
For more options, visit this group at http://groups.google.com/group/rubyonrails-talk?hl=en.
No comments:
Post a Comment