Automatic logout using AJAX


I’m considering implementing a Javascript timeout function on the client
that would issue an AJAX-request to the server to do an automatic logout
(by setting session[:user] to nil) after a certain time period (20
minutes or so). The browser would be redirected to the login screen,
and the user would have to log in again to continue.

Note that I don’t mean invalidate the session, but simply force the user
to relogin after a certain time. I plan to remember the last action
requested in the session so that I can redirect back to it after the
user logs in again.

Has anyone implemented something like this, and if so, do you have any
advice? I have a pretty good idea of how to proceed and I’m pretty sure
this is doable. The only concern I have is potential nitty-gritty
details on the client Javascript side of things.

Any reasons that I should not implement this, or other gotchas?



I don’t know AJAX too well, but I’m sure you’ll update this timer
every time the user changes something. Won’t this be too hard?
You’ll have to put a function like updateTimer() in all JS functions
that may be called to update this.

On 2/23/07, Wes G. removed_email_address@domain.invalid wrote:

I’m considering…

…or other gotchas?


Ramon Miguel M. Tayag