---
src/app/controllers/application_controller.rb | 8 +++++++-
src/config/initializers/session_store.rb | 2 +-
src/public/javascripts/application.js | 7 ++++++-
3 files changed, 14 insertions(+), 3 deletions(-)
diff --git a/src/app/controllers/application_controller.rb
b/src/app/controllers/application_controller.rb
index 477b7f4..7241e52 100644
--- a/src/app/controllers/application_controller.rb
+++ b/src/app/controllers/application_controller.rb
@@ -25,7 +25,7 @@ class ApplicationController < ActionController::Base
# FIXME: not sure what we're doing aobut service layer w/ deltacloud
include ApplicationService
helper_method :current_session, :current_user, :filter_view?
- before_filter :read_breadcrumbs, :set_locale
+ before_filter :read_breadcrumbs, :set_locale, :check_session
# General error handlers, must be in order from least specific
# to most specific
@@ -421,4 +421,10 @@ class ApplicationController < ActionController::Base
result
end
+ #before filter to invalidate session for backbone
+ def check_session
+ return unless request.format == :json
+ logout if SessionEntity.find_by_session_id(current_session).created_at <
15.minutes.ago
+ end
+
end
diff --git a/src/config/initializers/session_store.rb
b/src/config/initializers/session_store.rb
index 8ff62fa..5fd69a1 100644
--- a/src/config/initializers/session_store.rb
+++ b/src/config/initializers/session_store.rb
@@ -28,4 +28,4 @@ Conductor::Application.config.session = {
# Use the database for sessions instead of the cookie-based default,
# which shouldn't be used to store highly confidential information
# (create the session table with "rake db:sessions:create")
-Conductor::Application.config.session_store :active_record_store
+Conductor::Application.config.session_store :active_record_store, :expire_after =>
15.minutes
diff --git a/src/public/javascripts/application.js
b/src/public/javascripts/application.js
index 2162880..fa842b2 100644
--- a/src/public/javascripts/application.js
+++ b/src/public/javascripts/application.js
@@ -25,7 +25,12 @@ $.extend(Conductor, {
$('#tab').html(data).show();
})
.error(function(data) {
- $('#tab').html(data.responseText).show();
+ // If our session has timed out, redirect to the login page:
+ if(data.status == 401) {
+ window.location = Conductor.PATH_PREFIX + "login";
+ } else {
+ $('#tab').html(data.responseText).show();
+ }
});
Conductor.tabRemoveActiveClass();
--
1.7.11.2