I’m considering implementing a Javascript timeout function on the client
that would issue an AJAX-request to the server to do an automatic logout
(by setting session[:user] to nil) after a certain time period (20
minutes or so). The browser would be redirected to the login screen,
and the user would have to log in again to continue.
Note that I don’t mean invalidate the session, but simply force the user
to relogin after a certain time. I plan to remember the last action
requested in the session so that I can redirect back to it after the
user logs in again.
Has anyone implemented something like this, and if so, do you have any
advice? I have a pretty good idea of how to proceed and I’m pretty sure
this is doable. The only concern I have is potential nitty-gritty
details on the client Javascript side of things.
Any reasons that I should not implement this, or other gotchas?
Thanks,
Wes