Laravel Auth session timeout

laravel session authentication
11,679

The default value of the session is defined under config/session.php. You can get the value by using the config helper function config('session.lifetime').

In your case you will need to check the session time on the client side (javascript.)

Here a code example to refresh the page before the session expires. This code is for the blade template.

@if (Auth::check()) 
    <script>
    var timeout = ({{config('session.lifetime')}} * 60000) -10 ;
    setTimeout(function(){
        window.location.reload(1);
    },  timeout);



    </script>
@endif

You can adjust the code to prompt with a dialog to confirm if the user wants to extends his session time and do an ajax to get or refresh the session time.

Share:
11,679
user1988589
Author by

user1988589

Updated on June 04, 2022

Comments

  • user1988589
    user1988589 almost 2 years

    I have seen several questions in this area and so far all replies seem to focus on detecting expiration on the next User action. Regardless of being able to do this, what I want is to have the server side code detect the expiration and then force a refresh of the User screen. Conceptually, the process is something like this:

    1. Expiration detected on the server side
    2. Optionally, a message is sent to the User asking if they wish to continue. If no response, force the logoff process and advise the user accordingly. If User confirms they want to remain in session, then simulate some activity to reset the expiration time. If no message is sent, simply force a new screen.

    In my case, I use Auth to login and grant administration rights to the user. This includes access to maintenance forms / buttons.

    Basically what I do NOT want is a screen left as it was pre-expiration suggesting that the User is a) still logged on and b) showing details of what they were doing at the time. If the User has special rights, they should not remain visible after expiration. For example, the administrator is changing a User's personal details and gets called away. Given that he/she should have terminated the process and logged out, if they failed to do this the details should not be left onscreen for some other person to see them sometime later.

    The ideal would be some form of Event Listener but even then I am unsure as to how to force a screen change short of running a JS timer loop.

    I would assume that I am not the only one with this type of requirement so my question is ...

    How do you handle this type of requirement within the constraints of Laravel 5?

Recents

Why Is PNG file with Drop Shadow in Flutter Web App Grainy?
How to troubleshoot crashes detected by Google Play Store for Flutter app
Cupertino DateTime picker interfering with scroll behaviour
Why does awk -F work for most letters, but not for the letter "t"?
Flutter change focus color and icon color but not works
How to print and connect to printer using flutter desktop via usb?
Critical issues have been reported with the following SDK versions: com.google.android.gms:play-services-safetynet:17.0.0
Flutter Dart - get localized country name from country code
navigatorState is null when using pushNamed Navigation onGenerateRoutes of GetMaterialPage
Android Sdk manager not found- Flutter doctor error
Flutter Laravel Push Notification without using any third party like(firebase,onesignal..etc)
How to change the color of ElevatedButton when entering text in TextField

Related

Set session data after authenticate user using default auth route in laravel 5.2
Laravel: share session data over multiple domains
Laravel Auth session losing when redirect pages
HTTP Error 401.0 - Unauthorized
Laravel - session data survives log-out/log-in, even for different users
How to extend Laravel's Auth Guard class?
Laravel reset password route not working
Laravel 5 SQLSTATE[42S22]: Column not found: 1054 Unknown column 'user_id' in 'field list'
Laravel - Get items from session array
Laravel 5.6 - Get Route By Name In Controller