ruby-on-rails ssl devise puma

When I run an application on non SSL, session expiration stops working


If I run the application on SSL and log in with "remember me", the session expires correctly according to the config.remember_for setting. After switching to http://, session expiry ignores config.remember_for and reflects config.timeout_in.

Any idea how to fix it?


Solution

  • SSL or non-SSL is specified by the setting

    config.rememberable_options
    

    You must also use a host name, e.g. "example.com", not only an IP.

    With "remember me" checked, the session expires after

    config.remember_for
    

    With "remember me" unchecked, it expires after

    config.timeout_in
    

    All in config/initializers/devise.rb
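
The behaviour described in the answer, as an added example that is not part of the original answer or of Devise itself: a small Ruby model of a browser cookie jar, assuming the remember cookie was issued with `secure: true` through `config.rememberable_options`. The cookie names, the durations and the helper names are constructed for illustration.

```ruby
# Added illustration, not Devise's code: which cookies a browser returns
# per scheme, and what that means for Devise's two expiry settings.
Cookie = Struct.new(:name, :secure, :expires_at, keyword_init: true)

REMEMBER_FOR = 14 * 24 * 3600 # assumed config.remember_for = 2.weeks
TIMEOUT_IN   = 30 * 60        # assumed config.timeout_in = 30.minutes

# Cookies stored at sign-in with "remember me" checked. The options hash
# stands in for config.rememberable_options; cookie names are constructed
# ("remember_user_token" assumes the Devise scope is :user).
def cookies_at_sign_in(now, rememberable_options)
  [
    Cookie.new(name: "_app_session", secure: false, expires_at: nil),
    Cookie.new(name: "remember_user_token",
               secure: rememberable_options.fetch(:secure, false),
               expires_at: now + REMEMBER_FOR)
  ]
end

# A browser returns a cookie only if it is unexpired and, when it carries
# the Secure attribute, only over https.
def sent_cookies(jar, scheme, now)
  jar.select do |c|
    fresh = c.expires_at.nil? || now < c.expires_at
    fresh && (!c.secure || scheme == "https")
  end
end

# Login state for a request made `idle` seconds after sign-in.
def login_state(scheme:, idle:, rememberable_options:)
  t0 = Time.at(0)
  jar = cookies_at_sign_in(t0, rememberable_options)
  names = sent_cookies(jar, scheme, t0 + idle).map(&:name)
  session_alive = names.include?("_app_session") && idle < TIMEOUT_IN
  remembered = names.include?("remember_user_token")
  (session_alive || remembered) ? :signed_in : :signed_out
end

if __FILE__ == $PROGRAM_NAME
  %w[https http].each do |scheme|
    state = login_state(scheme: scheme, idle: 3600,
                        rememberable_options: { secure: true })
    puts "#{scheme}, idle 1h, secure remember cookie: #{state}"
  end
end
```

Over http the Secure remember cookie never reaches the server, so only `timeout_in` governs the login; serving the site over https keeps `remember_for` in effect without dropping the Secure attribute.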