How do I invoke a custom function on sfGuard session time out in symfony
I am using sfGuard as the aut开发者_StackOverflow社区hentication plugin in my project. I want to invoke certain client side & server side scripts on session timeout. What is the best way I can do this.
Please help! Thanks a lot.
Well I've been reading the sfGuardSecurityUser
and it extends the sfBasicSecurityUser
class, which handles user authentication, profile, credentials, etc.
So, I found a function in sfBasicSecurityUser
that determines whether a users sessions is timed put called isTimedOut
, and also setTimedOut
.
If you want to do something when user's session times out, at least on server side, you should listen to the event that is throw when this happens. Check this method:
This could be found in the symfony_core_root_dir/lib/user/sfBasicSecurityUser.class.php
public function initialize(sfEventDispatcher $dispatcher, sfStorage $storage, $options = array())
{
// initialize parent
parent::initialize($dispatcher, $storage, $options);
if (!array_key_exists('timeout', $this->options))
{
$this->options['timeout'] = 1800;
}
// force the max lifetime for session garbage collector to be greater than timeout
if (ini_get('session.gc_maxlifetime') < $this->options['timeout'])
{
ini_set('session.gc_maxlifetime', $this->options['timeout']);
}
// read data from storage
$this->authenticated = $storage->read(self::AUTH_NAMESPACE);
$this->credentials = $storage->read(self::CREDENTIAL_NAMESPACE);
$this->lastRequest = $storage->read(self::LAST_REQUEST_NAMESPACE);
if (null === $this->authenticated)
{
$this->authenticated = false;
$this->credentials = array();
}
else
{
// Automatic logout logged in user if no request within timeout parameter seconds
$timeout = $this->options['timeout'];
if (false !== $timeout && null !== $this->lastRequest && time() - $this->lastRequest >= $timeout)
{
if ($this->options['logging'])
{
$this->dispatcher->notify(new sfEvent($this, 'application.log', array('Automatic user logout due to timeout')));
}
$this->setTimedOut();
$this->setAuthenticated(false);
}
}
$this->lastRequest = time();
}
For client side, you might start thinking about HTML 5 and Javascript Workers. The idea could be setting a worker when page loads, and telling him count till session_time_out
, then redirecting to a login page or something.
精彩评论