Web Development

Expiring User sessions is in someway a security measure against users who tries to access a website or application using a computer that was logged into by a verified user. This user may have just forgotten to logout. If you are using Devise with Ruby on Rails, you are in luck.

  # ==> Configuration for :timeoutable
  # The time you want to timeout the user session without activity. After this
  # time the user will be asked for credentials again. Default is 30 minutes.
  config.timeout_in = 20.minutes

The config.timeout here has been adjusted to 20 minutes. You may change this to anything you want.

Thanks for reading!