I want to implement a "lock window" function into my application. Is it possible to lock a session and reactivate it?
Case: After x minutes the application will get locked. The user must now type in his password and will be redirected to the former route and logged in again.
In /config/session.php you can set the amount of idle time before the session expires:
/*
|--------------------------------------------------------------------------
| Session Lifetime
|--------------------------------------------------------------------------
|
| Here you may specify the number of minutes that you wish the session
| to be allowed to remain idle before it expires. If you want them
| to immediately expire on the browser closing, set that option.
|
*/
'lifetime' => 120, // edit this
If you want to include non idle time, you can create some middleware which can auto log-out your user. You can store the time the user logged-in in the session, and in the middleware store your $timeout variable. You can force log-out of an auth user like so:
auth()->logout()
if the time logged in + $timeout has passed.
Related
In my project I am using session destroy method which very simple way in Laravel 5.2 .
/*
|--------------------------------------------------------------------------
| Session Lifetime
|--------------------------------------------------------------------------
|
| Here you may specify the number of minutes that you wish the session
| to be allowed to remain idle before it expires. If you want them
| to immediately expire on the browser closing, set that option.
|
*/
'lifetime' => 10,
'expire_on_close' => true,
Now my question is when session destroy automatically or user close browser tab or close browser that time execute logout query. Is it possible execute logout function all cases?
My logout function
public function logout()
{
$user = Auth::user()->toArray();
$user1 = ActiveUsers::where("assinedto_id",'=',$user['_id']);
$user1 ->delete();
Auth::logout();
return redirect('/login');
}
I want to when session destroy or close browser tab or close browser that time run logout() function. Please suggest me. Thanks
The server does not know if the user has closed the browser window. You need to detect this event via javascript on the client side and notify the server manually.
See this answer: javascript detect browser close tab/close browser
Do this 'expire_on_close' => true in app/config.php if you want users session to expire or destroy only when the entire browser is closed not the tab.
If only the tab is closed it wont destroy the session except the entire browser is closed.
Every once in a while I get a token mismatch exception. I send the token so that can't be it. When I clear cache en delete my cookies it's fixed again. What could this be?
Additional info
It started happening when I cached all rendered html to make the website offline capable.
The token mismatch exception indicates that your session has expired.
You can properly handle this exception. Take a look in this forum.
you can increase the time limit of session in config/session.php
/*
|--------------------------------------------------------------------------
| Session Lifetime
|--------------------------------------------------------------------------
|
| Here you may specify the number of minutes that you wish the session
| to be allowed to remain idle before it expires. If you want them
| to immediately expire on the browser closing, set that option.
|
*/
'lifetime' => 30,
'expire_on_close' => true,
its 30 minutes by default..
How to set expired time for Sentry auth / token?
I Need to set the time to 60 minute or 1 day maybe.
Is it can be set at config? but i don't find the setting for expired time login.
Go to config\session.php.
Change the lifetime value to any number of minutes. Sentry will use that value as its session expiry time.
As per the laravel documentation:
| Here you may specify the number of minutes that you wish the session
| to be allowed to remain idle before it expires. If you want them
| to immediately expire on the browser closing, set that option.
I have a wierd problem with my project. When user logs in to web application expiration time of laravel_session and XSRF-TOKEN are set at current timestamp.
Problem is that users randomly are logged out. I think that problems lies in session cookies and I don't know how to fix this problem.
Does someone knows where's the problem
Here is my session config:
'driver' => env('SESSION_DRIVER', 'file'),
/*
|--------------------------------------------------------------------------
| Session Lifetime
|--------------------------------------------------------------------------
|
| Here you may specify the number of minutes that you wish the session
| to be allowed to remain idle before it expires. If you want them
| to immediately expire on the browser closing, set that option.
|
*/
'lifetime' => 120,
'expire_on_close' => false
When user logged-in and remains inactive, How many seconds after that system logouts the user automatically? How to change this setting?
Assuming you are using the session driver to handle your authentication, you can change the time period for an idle session to expire in the /app/config/session.php file.
/*
|--------------------------------------------------------------------------
| Session Lifetime
|--------------------------------------------------------------------------
|
| Here you may specify the number of minutes that you wish the session
| to be allowed to remain idle before it expires. If you want them
| to immediately expire on the browser closing, set that option.
|
*/
'lifetime' => 120,
'expire_on_close' => false,