[Catalyst] "You have been automatically logged out."

J. Shirley jshirley at gmail.com
Wed Feb 21 04:52:27 GMT 2007


On 2/20/07, Chris Carline <chris at carline.org> wrote:
> On 2/20/07, J. Shirley <jshirley at gmail.com> wrote:
> > If you aren't doing any AJAX interactions, the simple approach is to
> > add a JavaScript listener to the onload event that calls the following
> > (untested) function:
> >
> > var activityTimer;
> > function setActivityTimeout(time) {
> >     if ( activityTimer ) clearTimeout(activityTimer);
> >     activityTimer = window.setTimeout( function() {
> >         alert("You have been logged out.");
> >         document.location = "/";
> >     }, time || 600);
> > }
> >
> > On each page unload, this timer will be canceled.  If you do any AJAX
> > loads that count as activity, simply call setActivityTimeout() on the
> > initiation of the remote event.  And, of course, expire the session on
> > the server to match whatever is your client side time out as well.
>
> Why not simply add a meta refresh tag to the top of the template header?
>
> e.g.:
> <meta http-equiv="refresh" content="[% timeout_mins * 60 %];url=[%
> c.uri_for('/logout') %]" />
>
> _______________________________________________
> List: Catalyst at lists.rawmode.org
> Listinfo: http://lists.rawmode.org/mailman/listinfo/catalyst
> Searchable archive: http://www.mail-archive.com/catalyst@lists.rawmode.org/
> Dev site: http://dev.catalyst.perl.org/
>

Chris,

The meta refresh is a good idea, although I avoid it because an
inadvertent escape cancels the timeout in some browsers (Firefox being
one).  This means if the user hits escape for whatever reason, the
feature is just disabled without warning; with a javascript method it
tends to be more consistent for the user.

-J

-- 
J. Shirley :: jshirley at gmail.com :: Killing two stones with one bird...
http://www.toeat.com - http://code.toeat.com/~jshirley



More information about the Catalyst mailing list