开发者

Session Problem in Sinatra

My sinatra application uses Rack::Session::Pool and it works fine.

I created a logout route using session.clear and it works fine as well.

But (there is always one) if the user closes the browser without clicking in the logout button the user keeps logged when he reopens the browser.

I checked the cookies in firefox and the session cookie (rack.session) still there! I went to my site, went to another site, verified the cookies and it was there, closed the browser and opened it again and the rack.session still there :( My client even rebooted his machine and he still logged in the site.

If I set the expire_date in the Rack::Session::Pool it works but then the cookie became persistent. I want the user's session to expire when he closes the browser regardless of expiration date (the worse case scenario is an user in a public computer or in a lan house).

I'm already working on this for 2 days, I looked in the rack source and I tried setting the others variables in the Rack::Session::Abstract but with no success until now.

For now I set the session t开发者_如何学Goo expire in 5 minutes to minimize the problem but this is not a good solution since the user still exposed for 5 minutes since his last request (if the users don't hit the logout button).

This is my cookie configuration:

app = MyApp.new
sessioned = Rack::Session::Pool.new(app,
                                    :domain => DOMAIN,
                                    :expire_after => 5 * 60)
run sessioned

Maybe I missing something here. Does anyone know what could be the problem? or had the same problem? Or any link?

Cheers,

Jonas


Remove the :expire_after and it stops the session persisting when the browser is closed.

0

上一篇:

下一篇:

精彩评论

暂无评论...
验证码 换一张
取 消

最新问答

问答排行榜