So, I'm doing this app in Laravel and my client wants it to have a "lockscreen" after 3 minutes of inactivity, something like what new PayPal site is doing. So if you're not active for 3 minutes you are presented with lockscreen view and you have to type in your password to retrieve the session.
It would be awesome if I could achieve this without messing with core files, like via controller and new middleware.
You could use sessions for this and check for the time use waited with each new request. You could use middleware for that.
$request->session()->put('expire_time', \Carbon::now()->addMinutes(3));
Hey I have also applied this functionality on my app use this package.
https://github.com/orangehill/bootstrap-session-timeout
Its Awesome.
After the session times out you just on that request you break the user session and ask him to login again.
Related
I have changed the session driver of my app from file to database and found, that lots of sessions are inside app/storage/framework/sessions (~900) and now, in the mysql database.
When is a session created in laravel 5 ?
I thought when a new session cookie is set. Just wondering, because I think that ~200 sessions in ~ 30 min is too much . I don't have so many visitors. It almost looks as if every request makes a new session into the sessions table. I only changed the session driver. Did not change some other session option.
edit: This all is, because I wanted to build a 'n user online function' based on sessions. But with so many sessions, this would show too many users.
Laravel will create a session record for anything that hits your site. This includes automated requests like bots, uptime monitors, or other pings to your site.
It's possible to turn this off for certain page requests.
I'm doing an API for a mobile application. The application is made with Unity3D (I'm not developping it) but the guy who makes it told me that the session is not stored in Unity because it doesn't suport cookies.
I tried with Laravel to stores "cookie" in a file, but that didn't solve the problem.
Actually, in Unity, here is what is happening :
- log the user // returns : "Ok, logged."
- check if connected // returns : "user not connected"
I tried to do Session::setId() but it didn't work. Why ? Because I think the user is not in the Session but in the "Auth::" class. I didn't find any way to load the user who was connected.
I'm searching for an ID to get the first time and pass it as parameter in the URL to set it in the PHP to retrieve the connected user.
Your help is welcomed.
Thank you.
IF Unity doesn't support cookies, then you shouldn't be using PHP or Laravel sessions.
The alternative is to pass SystemInfo.deviceUniqueIdentifier in every request (in a header or POST, or GET field) from app to API. And on your API server you should make a DB table to write down all info you need about particular device: unique_identifier => all_the_info_i_have_on_this_device.
This works even better than cookies, because because user is not able to delete cookies or clear session.
I want to change the language in the laravel based on the Session value. I have tried few ways and I thought that I can do it with the laravel events.
I checked the documentation but there is no default event like app start. Is there anyother way which I can do it.
I need to do it without the URL prefixes. and there is no user auth system in the application. this is just a front-end application without any logins or DB access.
Thanks
I use two different applications in my CI installation. The first is called "admin"... obviously an admin panel. The second is "frontend" where everything else is. I use the same database for each of the apps and the same member tables, both for admin authentication and member auth. The problem is, since the CI session class doesn't use native PHP sessions, the session only works in the application that it is set in(which makes sense)... for example, if a user that is indeed an admin logs into the system through the frontend app and then clicks the link to the admin app, they are required to login again. If they have the "Remember Me" option selected across when they login to both apps, this obviously isn't a problem.
How would I fix this? Or do you guys think it's better to have them login to the admin app again, just to validate their admin status again?
Thanks for your time.
You could use the native php session instead. There's a class which you can just copy paste, and you'll not have to change any of the rest of your code.
I am using joomla 1.5.My login is with standar joomla module , I am having the request to automatically logoff users once thy close their browser, I dont know how Joomla handles the session or if is there any trick I can do to make this.. Thanks in advance
You could turn off cookies, I suppose - Check the Global Configuration.
For anyone else looking at this.
You can't clear a session when somebody closes the browser as the server doesn't know this has happened and the session data is stored on the server.
You can't disable cookies as then no one would be able to log in.
In global configuration you can set the session lifetime value to something like 15 minutes and if there is no activity in that period of time the user is automatically logged out.