Hi everyone, im making an end session feature for admin users wherein it can select users to end their session. Currently, my session driver is using database and the end session feature works fine.
The problem is, in order to validate if the session is expired/void, the user needs to sends a request to the server. In my case, I want to end the user session regardless whether the user sends a request or not. Using javascript polling seems like not a good approach since it will keep sending request to the server, as it might cause problems for large number of login users.
What is the optimal way of doing this? Thanks in advance
First question to ask is a business one. Given that the admin kills the session for a user, and given that the user can only see what they saw before the admin killed the session, how long is it acceptable for the user to keep seeing the same information?
Suppose the answer is 10 seconds then you will probably need to implement some web sockets function to PUSH the session cancellation to the user before you cancel the session.
However, if the decision is that it can be 10,20 or even 30 minutes then a very slow poll ajax request could hide the page if the session has expired. At this interval the poll would be negligible traffic at any number of users, and for most users a single page is unlikely to have no activity for that amount of time so they will never reach the poll interval.
Thank you. To answer your question, the business model is more like an on-demand video streaming. The admin would want to end the user session, let say if the user is still unpaid. But given that the user will watch a video, they will be inactive while watching it. At most, 10 to 15 seconds delay after the session ends should suffice.
@Snapey it does not tell the backend where the user is in the video. I'm looking into websockets now. Your reply gives me idea how to implement my approach. Using laravel broadcast should send updates to the frontend that the session is already ended, and that should send a redirect request to the server. I'm still looking in the documentation of laravel broadcast and see if that works. Thanks.
@Corvin beware of putting a lot of infrastructure in place to satisfy a minority use case. Be challenging about the business requirements, what is the maximum acceptable delay ? (I dont think "10 to 15 seconds is acceptable" answers that question)
Also consider that your polling idea could work at scale if only applied to users whose account is not in good standing
@Snapey I havent discuss it yet with the client. Their concern is that after they invalidate the session, they notice that the user is still able to continue streaming the video. You are right, having unnecessary complexity might be overkill for a small scale system. I did try the laravel websockets, but for this case, ill check if polling for every 5mins will be enough.
