module OpenProject module Authentication module SessionExpiry def session_ttl_enabled? Setting.session_ttl_enabled? && Setting.session_ttl.to_i >= 5 end def session_ttl_minutes Setting.session_ttl.to_i.minutes end def session_ttl_expired? # Only when the TTL setting exists return false unless session_ttl_enabled? session[:updated_at].nil? || (session[:updated_at] + session_ttl_minutes) < Time.now end end end end