ajax check session expiration |
Hi,
I have set up my own auth library, working with sessions (files driver in CI3). I want to add a periodic ajax check to verify if the user's session has not expired : for example, if the user left his browser open but didn't do anything during 5 minutes, I will display a re-login form in a modal window (similar to the one in Wordpress or phpMyAdmin). So I have a JS function called periodically (every 10 minutes for example) which makes an ajax request to a specific Ajax controller in my app. The problem is that this controller extends the CI_Controller and the session is automatically refreshed when the controller is called, before I can make my session check. So the session never expires because of this periodic ajax call. Do I need to add a session variable 'last_activity' which would store the timestamp of the last real action made by the user ? if this timestamp is not refreshed by the ajax call, I think this could work. But I'm wondering if there is not a better way for doing that, or maybe something I missed in the core CI Session library. thanks for your advices and help !
I haven't used in CI3 session stuff, but I do all this in the browser with JS. If you're just after a timeout sort of thing, you could do something like this using a tiny JS library (https://github.com/shawnmclean/Idle.js):
Code: var paths = window.location.pathname.split( '/' ); HTH. Michael
I use a different technique:
1. For normal requests - for the non-public pages the corresponding base controller checks whether a user is logged in and if not - redirects to the login page. 2. For non-public AJAX requests - if a user is not logged in, the response HTTP result code is 403, then the javascript makes the jump to the login page - http://viralpatel.net/blogs/jquery-ajax-...uest-ajax/ This is the fragment of code I use: Code: <?php defined('BASEPATH') or exit('No direct script access allowed');
Put session live to 5 minutes (3000 seconds) and active session using database.
Your request every 10 minutes : - create in user_data a field like key ($this->session->set_userdata('key') = 1 for example at the connexion). - check if isset and != '' for this session variable with your ajax request at 10 minutes and if is not isset or == '', send an ajax answer with a status. When this status is received in your view, alert your message of login again. |
Welcome Guest, Not a member yet? Register Sign In |