Reputation: 6180
What happens to Rails session after :expire_after time is up?
Does the session become nil? Does the change take effect only on the next request?
I think I just asked three questions now...
Upvotes: 8
Views: 7497
Answers (1)
Reputation: 5839
You can try to explore by using the similar settings:
AppName::Application.config.session_store :cookie_store, key: '_session_key', expire_after: 20.seconds
Then open up dev tools in your browser and go to cookies and select localhost cookies to see what happens.
I found out that:
Session cookie gets deleted after the expiration time
Expiration time for a cookie gets updated automatically (re-set) upon any request (even background ajax request counts)
The effect by default will take place upon the next request (refreshing the page for example) and if you use typical authentication (has_secure_password_ for example) user should be logged out
I found the last comment on the ActionController::Base documentation page really helpful on this topic
Upvotes: 14
Related Questions
- Rails 4: Session Expiry?
- Expire a Session after Closing the Browser OR after 30 Minutes in Rails?
- Ruby on Rails session expire date
- When is a session destroyed in rails?
- Ruby on Rails Session Expiration
- Expiring Multiple Sessions at Different Times in Rails 4
- How do I expire a session after one hour, like cookies?
- Session's storage and expiration in Rails
- ruby on rails, session expire notification
- What happens to cart object when session expires?