Think about financial websites, if you are inactive for a certain period of time you will be asked to log back in on your next request. You can do this with Authlogic easily, there are 2 parts to this:
Define the timeout threshold:
acts_as_authentic do |c| c.logged_in_timeout = 10.minutes # default is 10.minutes end
Enable logging out on timeouts
class UserSession < Authlogic::Session::Base logout_on_timeout true # default if false end
This will require a user to log back in if they are inactive for more than 10 minutes. In order for this feature to be used you must have a last_request_at datetime column in your table for whatever model you are authenticating with.
Generated with the Darkfish Rdoc Generator 2.