lib_static/open_project/authentication/session_expiry.rb
module OpenProject
module Authentication
module SessionExpiry
def session_ttl_enabled?
Setting.session_ttl_enabled? && Setting.session_ttl.to_i >= 5
end
def session_ttl_minutes
Setting.session_ttl.to_i.minutes
end
def session_ttl_expired?
# Only when the TTL setting exists
return false unless session_ttl_enabled?
# If the session is rack-provided and empty, also skip it
return false if session.empty?
session[:updated_at].nil? || (session[:updated_at] + session_ttl_minutes) < Time.now
end
end
end
end