如何设置rails HTTP身份验证的超时时间?
如何设置rails HTTP身份验证的超时时间?
提问于 2013-06-20 23:34:01
我正在网站的一些控制器上使用rails HTTP摘要身份验证。对于我的目的来说,它工作得很好,但它超时非常快。
如何调整HTTP摘要认证的超时参数?如何实现HTTP基本鉴权的注销?
谢谢,
回答 1
Stack Overflow用户
回答已采纳
发布于 2013-06-21 00:13:47
如果用户离开站点,或关闭浏览器等,而您希望他们保持登录状态:
在您的SessionsController中:
def create
member = Member.find_by_user_name(params[:user_name])
if member && member.authenticate(params[:password])
session[:member_id] = member.id
if params["remember_me"] == "1"
cookies[:digest] = {:value => member.password_digest, :expires => Time.now + 720000}
else
cookies[:digest] = nil
end
redirect_to (url_to_go_to_after_login), :notice => "Logged in!"
else
redirect_to (login_url), :alert => "Invalid email or password"
end
end如何注销用户:
def destroy
session[:member_id] = nil
cookies[:digest] = nil
redirect_to url_to_go_to_after_logout, :notice => "Logged out!"
end如何从rememberme cookie登录用户:
def new
if member = Member.find_by_password_digest(cookies[:digest])
session[:member_id] = member.id
redirect_to (url_to_go_to_after_login), :notice => "Hello#{member.first_name}"
end
end要设置稍后的过期时间(应在rails > 2.3 https://github.com/rails/rails/blob/2-3-stable/actionpack/lib/action_controller/session/abstract_store.rb#L175中工作):
Your::Application.config.session_store :active_record_store, {
key: "your_session_id",
domain: ".your-domain.com",
expire_after: 48.hours,
}页面原文内容由Stack Overflow提供。腾讯云小微IT领域专用引擎提供翻译支持
原文链接:
https://stackoverflow.com/questions/17217849
复制相关文章
相似问题
腾讯云开发者
