Some of my users are being logged out of their sessions
Question
I built a Rails site using Devise for authentication. Even though I have tried setting config.remember_for in devise.rb to 2 weeks, and even 10 years, some users are being logged out even a minute later.
config.remember_for = 10.years
Not everyone is experiencing the issue. When I log into the site, it does not log me out, whether I'm on my laptop or my iPhone 6S+. Some iPhone 7S+ users with iOS 10.2 are having the problem, but I don't know if the problem is limited to them or not.
I have upgraded the site from Rails 4.2.6 to 5.0.1, upgraded Devise from 3.5.6 to 4.2.0, upgraded Ruby from 2.3.0 to 2.4.0, and changed the web/app server from Passenger to Puma 3.6.2, but neither of these changes solved the problem.
Any suggestions for fixing this problem? Thanks!
1 answers
solution1
0 2017-05-02 11:07:21
AFAIK the remember_for only relates to the time that devise keeps the "remember me" token around, not the duration of the signed-in session.
I believe what you're looking for is changing the timeoutable config :
# ==> Configuration for :timeoutable
# The time you want to timeout the user session without activity. After this
# time the user will be asked for credentials again. Default is 30 minutes.
config.timeout_in = 90.minutes
The technical post webpages of this site follow the CC BY-SA 4.0 protocol. If you need to reprint, please indicate the site URL or the original address.Any question please contact:yoyou2525@163.com.