Hello this approach makes to me more sense, looks great
I mean
If a user is logged in into a php app and the current page is showing his personal details, so far, all the PHP scripts I have seen, will check for the session at next view load action.
Instead the js approach makes much more sense
No user interaction for some timeout? then go to some login page
… would you redirect to some session destroying script? Or … ?
Thank you for sharing your approach
Hi @Corsari - welcome to the forums
It depends on what your goal is. If inactivity means they need to “reauthenticate”, then proactively sending them to a log-in page would seem like a good idea. As part of this, overwriting a cookie value or whatever mechanism you use to keep the user from re-authenticating with each navigation, seems reasonable as well.
Hello Kirupa!
Thank you for replying
I mean that a real user inactivity logout mechanism , must check the activity as your script does
Now , I was just asking you, what do you kindly suggest as logout mechanism when it comes to apply your script to a PHP application
In practice , what would you do ? I admit I didn’t studied sessions commands with JS . Do you mean you can do session destroy with JS?
So JS can end with session destroy and redirect to some login page?
Thank you
That is a tough one to answer without knowing what your implementation does. Do you have a logout capability already built? If so, do you know what exactly it does? For example, does it clear a cookie?
Hello
As PHP app, it is based on sessions.
More specifically, I’m experimenting with CodeIgniter MVC PHP framework
So the first idea I have is to use your script and after the timeout, redirect with JS to a method for the logout ( wipe the session ) and that all together redirects to the login one.
I’m wondering if this is the supposed “best” approach
or if rather you’d suggest some better one
Thank you
That does sound like a great approach. Once you detect inactivity, navigate to a page that does all of the logging-out magic and navigates you to the login screen/page afterwards