问题
I have seen several questions in this area and so far all replies seem to focus on detecting expiration on the next User action. Regardless of being able to do this, what I want is to have the server side code detect the expiration and then force a refresh of the User screen. Conceptually, the process is something like this:
- Expiration detected on the server side
- Optionally, a message is sent to the User asking if they wish to continue. If no response, force the logoff process and advise the user accordingly. If User confirms they want to remain in session, then simulate some activity to reset the expiration time. If no message is sent, simply force a new screen.
In my case, I use Auth to login and grant administration rights to the user. This includes access to maintenance forms / buttons.
Basically what I do NOT want is a screen left as it was pre-expiration suggesting that the User is a) still logged on and b) showing details of what they were doing at the time. If the User has special rights, they should not remain visible after expiration. For example, the administrator is changing a User's personal details and gets called away. Given that he/she should have terminated the process and logged out, if they failed to do this the details should not be left onscreen for some other person to see them sometime later.
The ideal would be some form of Event Listener but even then I am unsure as to how to force a screen change short of running a JS timer loop.
I would assume that I am not the only one with this type of requirement so my question is ...
How do you handle this type of requirement within the constraints of Laravel 5?
回答1:
The default value of the session is defined under config/session.php. You can get the value by using the config helper function config('session.lifetime').
In your case you will need to check the session time on the client side (javascript.)
Here a code example to refresh the page before the session expires. This code is for the blade template.
@if (Auth::check())
<script>
var timeout = ({{config('session.lifetime')}} * 60000) -10 ;
setTimeout(function(){
window.location.reload(1);
}, timeout);
</script>
@endif
You can adjust the code to prompt with a dialog to confirm if the user wants to extends his session time and do an ajax to get or refresh the session time.
来源:https://stackoverflow.com/questions/54991984/laravel-auth-session-timeout