How can I detect in JavaScript if a session has terminated. I have a survey application that can take a while to complete. On the save button I want to see if the session is still active and if not to display a message. I don't want to go through messages indicating how much time before it closes.
Related
i want to make login system, and check if user is multiple login and give notification " account already login in other device" in current user login. how to make system like that? I've searched for it on google but couldn't find the right one
check if user is multiple login and give notification " account already login in other device" in current user login
Problem:
You can't really tell when the user is still logged in because the stateless server.
Lets say I log in inside an incognito window. When I close the session cookie is deleted.
But on the server it's still exists. How do you tell I'm actually logged in or not?
Solution:
You can make a heartbeat request to the server and log the activity.
So you have a JS code sending request in every minute so you know the user is online. Also in every request you set the cookie as well.
So you log the last activity time in every minute and every request.
When the user tries to log in you check if the logged activity is older than two minutes.
In my project, when user logs in, then I make an entry in A table Called LogTable and show it to the Admin Page that this user is online. And when user clicks on the log out button, then I delete data of that user from the log table, so this user is not shown online to the admin.
Now the main problem is that if user will close his browser without clicking that button, then how to delete those data.
Or what can be other way to achieve it in the best way?
I want that if user logs in from one system and tries to login from another system, then firstly we show that you are logged in another system and if she/he clicks on retrieve, then her/his other login automatically logs out and she/he has to login again.
Integrate your c# with javascript, javascript detect browser close, if you want to delete your data from db then you have to make http request for deleting data in this function. Try to interate it or make xml ajax request when browser is closing.
$(window).bind("beforeunload", function() {
return "write your code over here for deleting data.";
})
I would suggest reading up on the ASP.NET life cycle here and here.
Usually, we store that information using Session state.
The session is created for each user individually and will be automatically destroyed after a certain amount of inactivity or after the user has moved away from the page.
You could possibly use Application state.
But application state is shared among all users and persists until the last user has navigated away from the site.
I hope this helps :)
I am working on implementing a "presence" feature on a website built on a classic asp (vbscript), SQL Server, javascript, IIS7 stack.
The existing authentication/log in system uses sessions, with a default 20 minute session timeout. The user data is stored in a SQL Server table. A cookie is also set when a user logs in, which enables tracking of registered users even when not logged in.
There is a column in the USERS table which holds the state e.g. "online" or "offline". The following is the logic I've come up with thus far:
Status is set to "online" when:
user logs in
a cookie is detected e.g. user returns but doesn't yet log in
Status set to "offline" when:
user logs out
user closes browser (use a javascript event to detect)
user navigates away from the site (not sure yet how best to detect this)
users session expires (handled in global.asa's Session_OnEnd subroutine)
Questions:
Am I overlooking anything in the logic presented above?
What is the best way (within js / classic asp) to detect items 2 and 3 above in the "when to set status to 'offline'" list
Thanks
With 2 and 3 there are js restrictions as to what you can do when js detects a potential leaving of the page. I think all you can do is to show a message before they leave. This means you wont be able to run any js as they are leaving.
Best way to detect when a user leaves a web page?
As Gary said probably the most effective way is to use some ajax to ping a script on the server to update a LastTimeOnline field in your db.
Another way is to use the Session_OnEnd but this may give a false figure as a user could be online for 5 secs which would trigger a 20 minute session.
Best to do the ping really.
All the other logic you have there seems fine.
Just spotted your other comment. Yes if someone leaves their browser open at the page then potentially this could be pinging all day. But then they maybe online so you'd have no choice but to presume that a session is active really. You could always add a bit of js that detects clicks and scrolling to determine activity.
IMHO, the best way to handle 2 and 3 is to have the client send a ping every x seconds, update last access time in DB, then have a logout function on the server side that looks for non-access within x amount of time, and update flag.
These automatic pings will make it seem like there is activity from the client when there may not be, and in this case add some events that capture mouse and keyboard activity. If they stop for some period of time, stop sending pings. Restart pings when activity resumes.
A ping is the only way that you will be 100% sure that the user is still there. Think of example where a user just shuts off the machine. You will not know that they are gone until 20 minute timeout expires. If you set your ping for 60 seconds, you will know very quickly is a user disappears.
I have an alert that pops up when the users session is about to expire and when it does expire. The issue is that if multiple tabs are open for the app, multiple alerts will get fired in succession which is very annoying.
I'd like to make a check on the backend for session information before showing an alert. That way if in one tab the session is about to expire (according to the front end), but it's not actually about to expire because you've been operating in another tab, the alert won't display and steal browser focus. Ideally I'd like this to remain as an alert so the first and proper display of the warning does take browser focus.
So is it possible to make a request like this without refreshing the session?
Trying to do this in JavaScript is silly - it will be really hard to keep the countdown timer in sync with the PHP session.
If you are implementing a hard timeout on the session then you must already be using a custom session handler - so simply implement a variant of that in your Ajax responder which does not lock or write back the session.
OTOH if you're not really implementing a hard session timeout, and you are not already using a custom session handler (which I suspect really is the case). Then just check the timestamp on the session file.
I have a angular application with api calls being made to back end for logging and and so forth. What i need is to be able to tell when the session expires and logged the user out.
I know on every route change i can check if the user is logged in or not which i do right now but how can i handle it when they are idle. So i have instances where the user is on a specific page and remains inactive and although they are logged out in the back end i do not know on the front end and need some where to constantly be checking. Any solutions for the best method.
A client-side solution without polling:
(re)start a timer at each route change to show a message after 15(this number should coincide with the amount of time the user is logged out in the back-end) minutes.
The only downside to this is that if your app sends data outside of route changes the user could receive of notification of being logged out while the user is still logged in.
It would also require that your route changes actually send a request to the back-end.