Expiring Sessions

This brief snippet will show you how to expire a user's session after a certain period of time.

Published on:October 16, 2015

Introduction

To improve user security, we may wish to expire the user's session after they are inactive for a given amount of time. In order to do this, we simply set the expire_after parameter when setting up our session store. For example:

config/initializers/session_store.rb:

Rails.application.config.session_store :cookie_store, key: '_Example_session', expire_after: 15.minutes

The line above would expire the session after 15 minutes of inactivity. This means that the user's session variables would get wiped once time reaches 15 minutes since the user last accessed the Rails application. If the user refreshes the page, the timer gets refreshed.

That's it! Thanks for reading!

Recent Articles

Easier Debugging With Pry

This article will show you how to make debugging easier with Pry

 Posted over 7 years ago

Implementing Clipboard Functionality

This article will show you how to use the clipboard in your web application.

 Posted over 7 years ago

Basic Search Using Ransack

This article will show you how to implement search functionality via Ransack.

 Posted over 7 years ago

Rails Console Debugging Tricks

This article will demonstrate a few Rails console tricks that you may not be aware of.

 Posted over 7 years ago

The Rails 5.0 Default Files

Rails 5 is here!

 Posted almost 8 years ago

Recent News

RichOnRails is BACK!

RichOnRails.com has returned!

 Posted about 2 years ago