Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Fix issues with sessions. #59

Open
SundeepChand opened this issue Jul 20, 2021 · 4 comments · May be fixed by #134
Open

Fix issues with sessions. #59

SundeepChand opened this issue Jul 20, 2021 · 4 comments · May be fixed by #134
Labels
priority: high

Comments

@SundeepChand
Copy link
Member

More info here: https://userstory.eosdesignsystem.com/story/60e318ea62aa440015a8baff
@kailash360
Copy link
Member

@SundeepChand
Can I work on this?

@SundeepChand
Copy link
Member Author

Sure @kailash360

@kailash360
Copy link
Member

kailash360 commented Feb 19, 2022
edited
Loading

@SundeepChand

Currently, in the application, session duration is set in the backend only. However, there is no session duration present in the cookies when the user logs in. This causes the error mentioned in the issue. So we will need to set a custom session limit in the frontend of the application.

I have thought of the following approach to this issue:

  • First when the user logs in, the timestamp for session expiration (say Session_Expiration_Time) is stored within the local storage of the application.
  • As the time flies by, we will be checking if the timestamp for current time (say Current_Time) is less than the Session_Expiration_Time. This can be implemented using a timeout tracker.
  • If the user makes any movement on the window like scrolls the page, moves the mouse on the page or any other form of interaction, then the Session_Expiration_Time is updated within the local storage

image

  • On the other hand, if the user does not interact with the application and the session expiration duration is reached i,e Current_Time > Session_Expiration_Time, then we can execute the logout logic of the application, and navigae the user to the login page.
  • When the user logs in again, the same steps will repeat.

There is also a possibility that the user can keep the user-story application open in multiple tabs at the same time. However, due to the use of local storage, the Session_Expiration_Time will remain same for all the tabs.

image

There is yet another catch in the application. If the user closes the window and then opens the app again. In this case we will need to check the expired time in the initial state.
There are 2 scenarios here:

  • If user is still in an active session i.e Current_Time < Session_Expiration_Time, our solution can still handle by creating the new expired time.
  • If user opens the app after the expired time, we need to immediately execute the logout logic.

Kindly suggest, if the approach feels suitable, or if I need to make any changes.

@kailash360 kailash360 linked a pull request Feb 24, 2022 that will close this issue
Open
5 tasks
@kailash360
Copy link
Member

@SundeepChand
I have created PR #134 for this issue

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
priority: high
Projects
None yet
Milestone
No milestone
Development

Successfully merging a pull request may close this issue.

Fix #59: Added timeout tracker to check session expiration kailash360/user-story
2 participants
@SundeepChand @kailash360