Overview of features
Home
Read this first
About
web2py is 100% free
Download
Start learning web2py today
Documentation
Authors and contributors
Staff
Affiliated companies
Support
Edit page
Title:
Security Code:
Body:
(use
this
wiki markup)
Timeout depends on user's parameters: - the timeout time - what happens on timeout. Session should ever expire because they can be used for tracking, not just authentication. Nevertheless, on timeout, user should be logged out. How user is logged out/in is very application specific. I suggest you create a model file called models/timeout.py that contains import time TIMEOUT=30*60 # seconds PATH_ON_TIMEOUT='/%s/default/logout' % request.application if session.lastrequest and session.lastrequest<time.time()-TIMEOUT and request.env.path_into!=PATH_ON_TIMEOUT: #optional if you don't care about tracking usage: session.clear() redirect(PATH_ON_TIMEOUT) session.lastrequest=time.time() and create a controller default/logout that performs the logout. I do not think you need more.