SessionTimeout: A Rails Plugin to handle short-term session timeouts
SessionTimeout is a Rails plugin by Luke Redpath that makes enforcing short session times easy, like so:
class ApplicationController session_times_out_in 600, :after_timeout => :do_something def do_something logger.info "HELLO, IVE TIMED OUT!" end end
With Rails built-in session options, you can set a specific session expiry time however in production mode this expiry time is set just the once. This is fine if you are setting your expiry time far in the future (and therefore you are likely to restart your server processes by that time) but if you want to set your timeout in the near future, your session expiry will soon be a date/time in the past - this will cause a new session to be created for every new request resulting in disaster.