I have implemented a javascript client side logout with a simple method, but am interested in alternatives and thoughts as I had two issues...
Method: 1. Configure logout time in milliseconds to match server side.
On page load start timer For warning popup one min before server would time out.
On each Ajax request and/or inner page switch (mostly single page app with backbone routes) reset timer.
After 15min warning popup triggers start another 15min timer to actually ping logout url on server and redirect user to login page.
Issues: 1. Using setTimeout and clearTimeout, however seems sometimes losing reference to timer handle stored in window variable, as it will not graphics and kill it. Perhaps related to multiple fast user clicks, not sure. This is somewhat of mystery but #2 is design issue.
- Our app does several open in new tab operations for full page viewing of docs, large data. These pages also start a timer, so user goes back to main tab and continues activity, however 2nd tab timer, passing same session cookie, eventually times out when server would not have. The user then suprisingly gets timeout message on original/active tab.
Thoughts? Other approaches for a cookie based html5 web app?
Aucun commentaire:
Enregistrer un commentaire