Using devise 3.2.4 with rails 3.2.13.
I am trying to expire auth token on session timeout therefore in my devise.rb file , I have made following changes :-
config.timeout_in = 1.minutes config.expire_auth_token_on_timeout = true
The timeout works perfectly, user is logged out after 1 minute of inactivity period but the auth token is not expiring on timeout.
Here is the user model:-
devise :database_authenticatable, :async , :registerable, :confirmable,
:recoverable, :rememberable, :trackable, :validatable, :omniauthable, :timeoutable
Any idea what I am missing ?
Aucun commentaire:
Enregistrer un commentaire