The main point of my post was to extend the session and avoid a post back to the server (round trip). Logging them out won't accomplish that. A post to the server would lose un-submitted data and break any video/chat session connections.
In the current iteration, the session regenerates from the ajax call and the user can navigate normally using the new sessionid. If the user clicks continue and remains on the page beyond the original session timeout the session still expires. If the user tries to submit or navigate, the session->is_logged_in() returns false and my code redirects to the unsecured area.
I have set the session timeout 305 for testing so my dialog pops up after 5 seconds on the page loads. The user has three choices from the dialog; ignore, logout and continue. Ignore simply closes the dialog and lets the session time-out as normal. Logout is self explanatory and continue currently does an ajax post.
I my first thought was to simply do a
location.reload(true); to force the page to reload which works for most of the pages. It breaks the video chat session and loses data and resets table sorts and filters on the rest of the pages.
I believe the problem is the cookie expiration. I thought of rewriting the cookie with an expiration extension to match the sessiontimeout . I have the cookie_httponly configuration setting set to false in the config file but CI is still sending the cookie with the HttpOnly flag set so the cookie isn't available to javascript to rewrite.