do you know how to configure a timeout on:token_authenticatable strategy on devise on Rails?

Question

0

Editorial Team

Asked: May 29, 20262026-05-29T16:11:08+00:00 2026-05-29T16:11:08+00:00

do you know how to configure a timeout on:token_authenticatable strategy on devise on Rails?

0

do you know how to configure a timeout on:token_authenticatable strategy on devise on Rails?

I set both :timeoutable and :token_authenticatable

 devise :database_authenticatable, :registerable,
           :recoverable, :trackable, :validatable, :timeoutable,
          :token_authenticatable, :lockable

If I login with username and password, the timeout is correctly taken into account and I am asked to relogin again, while the token I set when I login it is not giving any timeout and it is always valid, until I do a proper logout (as I set a current_user.reset_authentication_token! in the destroy method).
Is there an easy way to set a token timeout not too intrusively (ie. modifying the devise code) or without hack (ie to have a cron job which is regularly checking last sign_in and reset the token if necessary)?

thanks

Report

Leave an answer
Cancel reply

You must login to add an answer.

Need An Account,

1 Answer

Editorial Team · Answer 1 · 2026-05-29T16:11:09+00:00

Editorial Team

2026-05-29T16:11:09+00:00Added an answer on May 29, 2026 at 4:11 pm

I did similar thing with rake tasks:

namespace :app_name do
  desc "reset all auth_tokens"
  task :reset_auth => :environment do
    users = User.find(:all)
    users.each do |user|
      user.reset_authentication_token!
    end
  end
end

And then cron:

rake app_name:reset_auth

0

Reply
Share
Share

- Report

Sign Up

Sign In

Forgot Password

The Archive Base Latest Questions

do you know how to configure a timeout on:token_authenticatable strategy on devise on Rails?

Leave an answerCancel reply

1 Answer

Leave an answer
Cancel reply