On 08/03/2012 06:16 AM, Tomáš Hrčka wrote:
I have added before filter to check if request is json and then invalidate
session manually.
Regular user activity is handled by activerecord session store timeout option.
This patch may need another revision
to set the session timeout time in configuration file, but right now I am not
sure where it should be.
There is another option to make sure all sesions ale expired is to create
delayed_job
job for periodicaly checking SessionEntity table.
I don't think the request being json is a sufficient test for backbone
-- json is also a valid request format for API calls (and at one point
we used json in some of our own UI calls for ajax stuff - although we
may not be doing that right now). I think we need to check something
more backbone-specific -- possibly inserting a query param for backbone
reqests (backbone=true or something similar).
Scott
