会话过期在 Rails 中不起作用 [英] Session expiration not working in Rails

问题描述

我试图在固定的登录时间段后使试用用户的会话过期.到目前为止，我看过的所有示例都使用 session[:expires_at] 键，如下所示:

I'm trying to expire a trial user's session after a fixed timeperiod of logging in. All the examples I've looked at so far use the session[:expires_at] key like this:

    session[:expires_at] = Time.now + 100 

但是当我在我的应用程序上尝试时，这似乎没有任何作用.我检查了 cookie，并且 expires 标头仍然设置为会话".刷新页面也证实了这种怀疑.

But this seems to do nothing when I try it on my app. I inspect the cookie and the expires header is still set to "Session". Refreshing the page also confirms this suspicion.

我意识到还有其他方法可以配置站点范围的会话持续时间，但我不想进行站点范围的更改.我只想用这个会话持续时间配置一个特定的场景.

I realise that there are other ways to configure the site-wide session duration but I don't want to make a sitewide change. I just want a specific scenario to be configured with this session duration.

我的猜测是 Rails 堆栈中的 after_filter 正在重置 expires_header，但我无法弄清楚.

My guess is that an after_filter in the Rails stack is resetting the expires_header but I can't figure this out.

推荐答案

我以前没见过这个，也找不到任何相关文档.我想你必须在应用程序控制器中实现一些东西来检查你设置的 session[:expire_at] 是否已经通过.

I've not seen this before and I can't find any documentation for it. I would imagine you would have to implement something in the application controller that checks if the session[:expire_at] that you're setting has passed by.

这篇关于会话过期在 Rails 中不起作用的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！