"say, if the browser is idle for 15 mins, then it automatically redirect to the admin/logout, where admin is my controller name, logout is the method name."
To get it to only log them off if the browser has been idle for 15 minutes you could create a javascript listener. The easiest way would be to detect mouse movement, key presses, clicks and supplement that with an onunload listener so all bases are covered. When time runs out, the page is automatically redirected and the session reset. When the page unloads, the server is notified. The server will then store an attribute in their session specifying when they became inactive. Depending on whether or not you are using the cookie session store, you might want to store this info in the database rather than in the session store just because there is a remote possibility of a replay attack. If the user reloads any page more than 15 minutes after the last activity, the session will reset. Here is the code (it assumes you are using prototype): // idle.js // portions adapted from http://www.andrewsellick.com/67/simple-javascript-idle-state-using-//prototype // 15 min in ms var idleTime = 900000; var timeOut = ”; function init() { new Ajax.Request('/login/inactivity?action=check', {asynchronous:true, evalScripts:true}); Event.observe(document.body, ‘mousemove’, resetIdle, true); Event.observe(document.body, ‘click’, resetIdle, true); Event.observe(document.body, ‘keypress’, resetIdle, true); setIdle(); } function onIdleFunction(){ new Ajax.Request('/login/logout?rsn=inactivity', {asynchronous:true, onComplete:function(){document.location.href='/login'}}); } function resetIdle(){ window.clearTimeout( timeOut ); setIdle(); } function setIdle(){ timeOut = window.setTimeout( "onIdleFunction()", idleTime ); } function unloadReport() { new Ajax.Request('/login/inactivity?action=set', {asynchronous:true}); } Event.observe(window, ‘load’, init, false); Event.observe(window, ‘unload’, unloadReport, false); Controller code will follow in the next post -- Posted via http://www.ruby-forum.com/. --~--~---------~--~----~------------~-------~--~----~ You received this message because you are subscribed to the Google Groups "Ruby on Rails: Talk" group. To post to this group, send email to [email protected] To unsubscribe from this group, send email to [email protected] For more options, visit this group at http://groups.google.com/group/rubyonrails-talk?hl=en -~----------~----~----~----~------~----~------~--~---
