Lucas Mazza
536279b05b
Replace homemade assert_not matcher in favor of refute.
2016-05-03 13:57:10 -03:00
Ulisses Almeida
1ddca80cee
Set the new default of sign_out_via config
2016-05-01 12:44:40 -03:00
José Valim
b97b3e6e3b
Do not timeout if remember me is enabled
...
Signed-off-by: José Valim <jose.valim@plataformatec.com.br >
2016-01-22 16:19:10 +01:00
José Valim
4ec7dc0f27
Store creation timestamp on remember cookies
...
Signed-off-by: José Valim <jose.valim@plataformatec.com.br >
2016-01-18 15:17:25 +01:00
Thomas Walpole
2024fca4df
Rails 5 compatability. Remove rails < 4.1 and Ruby < 2.1
2015-12-11 09:47:30 -08:00
Błażej Pankowiak
9f32f421a5
Allow skipping the timeoutable hook
2015-11-02 23:53:09 +01:00
David Rodríguez
4064641967
Remove obsolete expire_auth_token_on_timeout
...
This should have been removed in dff7891b97
2015-07-11 09:01:22 -03:00
Lucas Mazza
eb9db7ba3a
Coerce time objects serialized as Strings before doing the timeoutable comparisons.
...
The comparison only fails on Ruby 1.9.3, when we need to parse it properly back
to a Time instance.
Related to #2930 .
2014-08-05 14:58:27 -03:00
Lucas Mazza
da0c27393f
Serialize the last_request_at entry as an Integer
...
Pushing the `Time` object inside the session has inconsistencies
across different serializers and we should use a more primitive type
so we don't need any specific parsing logic for the JSON serializer.
2014-03-28 22:51:56 -03:00
Anshul Sharma
dc1b399a8b
Updated ruby 1.9 hash syntax
2014-02-25 22:12:55 +05:30
Marcus Mansur
b16899f7bf
fixes timeoutable specs to cover sign_out_all_scopes false
2013-11-21 14:02:45 -02:00
José Valim
27bcefcf54
Ensure timeoutable hook respects Devise.sign_out_all_scopes configuration
...
Closes #2606
2013-11-06 21:07:38 +01:00
andrew morton
52a3768451
A GET to sign in shouldn't extend the session.
2013-11-06 20:20:22 +01:00
Vasiliy Ermolovich
b7079c7cf2
redirect user to the referrer if latest request was not GET after timeout
...
closes #2421
2013-05-19 17:11:34 +03:00
Carlos Antonio da Silva
86eecc6606
Change "ActionController::IntegrationTest" to "ActionDispatch::IntegrationTest"
2013-01-28 19:58:21 -02:00
José Valim
4bc2ff997a
Timeout does not explode when reset_authentication_token! is accidentally defined by Active Model
2012-06-16 14:04:34 +02:00
José Valim
41a91188f5
Do not trigger timeout on sign in related actions
2012-06-16 13:24:07 +02:00
Rodrigo Flores
65f08ea175
Removing signed_out path workaround
2012-02-16 14:53:11 -02:00
José Valim
275c480f89
Redirect to the previous URL on timeout, closes #1596
2012-01-24 14:00:36 +01:00
José Valim
d448e7d841
Timeoutable also skips tracking if skip_trackable is given
2011-10-25 18:43:48 +02:00
Pat Allan
16c39a9f17
Making sure timeoutable respects rememberable if both are loaded.
2010-09-29 15:27:54 +08:00
José Valim
5e1ef9319e
Check if the user is already signing out before timing out his connection, closes #273 .
2010-06-13 12:40:13 +02:00
José Valim
b974b7bc78
Move failure messages from devise.sessions to devise.failure.
2010-04-03 13:11:45 +02:00
José Valim
23e608e27b
No need to append ?unauthenticated=true in URLs anymore since Flash was moved to a middleware in Rails 3.
2010-04-03 11:43:31 +02:00
José Valim
ca4e09390e
Compatibility with Ruby 1.9.1 and 1.9.2.
2010-03-26 11:27:19 +01:00
José Valim
c05b8cf2ce
Rename :timeout to :timeout_in and release gem again.
2009-11-25 00:11:49 -02:00
José Valim
076ce9add8
Improve timeoutable tests a bit.
2009-11-24 11:52:13 -02:00
José Valim
691055cf06
Fix timeout tests.
2009-11-24 11:00:35 -02:00
Carlos Antonio da Silva
a88731bb93
Adding i18n flash message when session is expired.
2009-11-23 23:01:01 -02:00
Carlos Antonio da Silva
40aaa98de9
Refactoring timeoutable module and confirmable tests.
2009-11-23 23:01:00 -02:00
Carlos Antonio da Silva
099c77e867
Introducing timeoutable to timeout sessions without activity.
2009-11-23 23:01:00 -02:00
