Best way to check log in status and prompt user to re-login?

I'm getting complaints from some users when they start to fill out a form, go away from their computer, allow enough time to pass to when they return and try to save the form, their session has expired and the token has expired. They get a 500 (token mismatch) and have to login again, and their data is lost.

I like how Wordpress has the login modal after the session has expired, but wonder if there's something I can do that can prevent the data loss. I'm not sure how WP does it, but would it be possible to do something like that with Laravel? Would I have a setTimeout that does a get on a url to see if they're logged in still? I've never done a Laravel ajax login. Is it simple enough to do?

Not sure the best way to go about it, so I'm looking for ideas! Thanks community

samalapsy

9 years ago

Level 2

Laravel has made a session active for 120 minutes. If logged in time exceeds 120 minutes, user's session would be expired. If user tries to submit form, it would return token mismatch.

To Extend session timeout, check your config/session.php file and change the liftetime to the desired number of time in minutes.


return [

    /*
    |--------------------------------------------------------------------------
    | Default Session Driver
    |--------------------------------------------------------------------------
    |
    | This option controls the default session "driver" that will be used on
    | requests. By default, we will use the lightweight native driver but
    | you may specify any of the other wonderful drivers provided here.
    |
    | Supported: "file", "cookie", "database", "apc",
    |            "memcached", "redis", "array"
    |
    */

    'driver' => env('SESSION_DRIVER', 'file'),

    /*
    |--------------------------------------------------------------------------
    | Session Lifetime
    |--------------------------------------------------------------------------
    |
    | Here you may specify the number of minutes that you wish the session
    | to be allowed to remain idle before it expires. If you want them
    | to immediately expire on the browser closing, set that option.
    |
    */

    'lifetime' => 120,

    'expire_on_close' => false,

I think wordpress ajax saves your information automatically.

I hope it helps...?

WebKenth

9 years ago

Level 16

Either extend their session time or make a nasty ping script that sends a signal to your server to refresh your csrf token

1 like

Snapey

9 years ago

Level 122

There's a package for that https://packagist.org/packages/genealabs/laravel-caffeine

grantholle

9 years ago

Level 1

@Snapey That package has a php dependency of 7.0, which I can't do where this project is hosted

Please or to participate in this conversation.