v0.4.9

This release supports devise 3.5.2 to 4.0 (not including).

It is a bugfix release which, however, introduces a breaking change. The configuration option expire_auth_token_on_timeout was removed as the previously introduced warden hook for timeoutable did not work as expected. In combination with the original devise warden hook for timeoutable the introduced hook for this gem got never called. This resulted in a never expiring authentication token. Confer the discussion.

With this release a new configuration option is introduced called token_expires_in. Confer the readme on how to use it. With this addition, you will need another datetime column in your model table called authentication_token_created_at which is used to store the time when an authentication token was created for a specific record.

Thanks a lot to @mikwat for bringing this up and working on a fix. Also, thanks to @lauraannwilliams for her initial idea.