diff --git a/app/controllers/c_user_controller.rb b/app/controllers/c_user_controller.rb
index 1acfa74..f494e83 100644
--- a/app/controllers/c_user_controller.rb
+++ b/app/controllers/c_user_controller.rb
@@ -4,12 +4,21 @@ class CUserController < ApplicationController
 helper_method :current_counselor_user
 def is_user_authorized?
+ dt = Time.now
+ session[:current_counselor_user_login_time] = Time.now if session[:current_counselor_user_login_time].nil?
+ dt1 = session[:current_counselor_user_login_time] + 20.minutes
+ if dt > dt1
+ redirect_to member_logout_path and return
+ else
+ session[:current_counselor_user_login_time] = Time.now
+ end
 redirect_to member_login_path if current_counselor_user.nil?
 end
 def create_cuser_session(user=nil)
 if !user.nil? and current_counselor_user.nil?
 session[:current_counselor_user_id] = user.id
+ session[:current_counselor_user_login_time] = Time.now
 end
 end
diff --git a/app/controllers/member_counselors_controller.rb b/app/controllers/member_counselors_controller.rb
index f5c5e21..c15588b 100644
--- a/app/controllers/member_counselors_controller.rb
+++ b/app/controllers/member_counselors_controller.rb
@@ -1,6 +1,6 @@
 class MemberCounselorsController < CUserController
- before_filter :is_user_authorized?, :only => ["show"]
+ before_filter :is_user_authorized?, :only => ["show", "fileupload", "resultupload", "editfileupload", "editresultupload", "file_upload", "result_upload", "update_file_upload", "update_result_upload", "deletefileupload", "deleteresultupload", "newrecord", "new_record_upload", "editrecord", "update_record_upload", "deleterecord"]
 def index
 idx = 0
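Review bot: In `is_user_authorized?` (c_user_controller.rb) the expired branch only redirects to `member_logout_path`, leaving `session[:current_counselor_user_id]` and the stale timestamp in the session, so the timeout holds only if the logout action, which is not visible here, clears them. Calling `reset_session` immediately before `redirect_to member_logout_path and return` would make the filter enforce expiry on its own. The timestamp is also written as a `Time` object; if the session store serialises to JSON it would presumably come back as a String and `+ 20.minutes` would raise, so storing `Time.now.to_i` and comparing integers is sturdier. Because the key is refreshed on every request that passes the check, it records last activity rather than login time, and a short comment saying that this is an idle timeout with no absolute session lifetime would prevent misreading.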
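Review bot: The `:only` list on `before_filter :is_user_authorized?` (member_counselors_controller.rb) fails open: any action not named in it, including `index` visible just below and any action added or renamed later, runs without the login and idle-timeout check. The list mixes spellings such as `fileupload` and `file_upload`; these may be distinct actions, but a single typo in a hand-maintained list would silently leave an upload or delete action unprotected. Inverting it to an exception list, e.g. `before_filter :is_user_authorized?, :except => ["index"]` if `index` is meant to be public, keeps new actions protected by default. The class body continues past the hunk, so which actions are intended to be public cannot be confirmed from here.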