From d0c75b3b0ab47d4c543569d597ded4de0c92d1b8 Mon Sep 17 00:00:00 2001 From: Ciao T Date: Tue, 29 Aug 2017 13:59:20 -0400 Subject: [PATCH 1/3] Update middleware.py added messages.info(request, 'Your session has expired...') --- session_security/middleware.py | 3 +++ 1 file changed, 3 insertions(+) diff --git a/session_security/middleware.py b/session_security/middleware.py index e9b2a93..f83f9c3 100644 --- a/session_security/middleware.py +++ b/session_security/middleware.py @@ -11,6 +11,7 @@ from datetime import datetime, timedelta +from django.contrib import messages from django.contrib.auth import logout from django.core.urlresolvers import reverse, resolve, Resolver404 @@ -62,6 +63,8 @@ def process_request(self, request): delta = now - get_last_activity(request.session) expire_seconds = self.get_expire_seconds(request) if delta >= timedelta(seconds=expire_seconds): + request._messages._queued_messages = [] + messages.info(request, 'Your session has expired (%s). Please login again.' % delta) logout(request) elif (request.path == reverse('session_security_ping') and 'idleFor' in request.GET): From 1476aaeceba51d7616680b3fa85777f6fa08fb06 Mon Sep 17 00:00:00 2001 From: Cao T Date: Wed, 18 Apr 2018 15:39:51 -0400 Subject: [PATCH 2/3] Update middleware.py session expired for ajax --- session_security/middleware.py | 3 +++ 1 file changed, 3 insertions(+) diff --git a/session_security/middleware.py b/session_security/middleware.py index f83f9c3..16a8b48 100644 --- a/session_security/middleware.py +++ b/session_security/middleware.py @@ -14,6 +14,7 @@ from django.contrib import messages from django.contrib.auth import logout from django.core.urlresolvers import reverse, resolve, Resolver404 +from django.views import defaults try: from django.utils.deprecation import MiddlewareMixin @@ -66,6 +67,8 @@ def process_request(self, request): request._messages._queued_messages = [] messages.info(request, 'Your session has expired (%s). Please login again.' % delta) logout(request) + if request.is_ajax(): + return defaults.http.HttpResponseForbidden('403 Forbidden: %s' % msg, content_type='text/html') elif (request.path == reverse('session_security_ping') and 'idleFor' in request.GET): self.update_last_activity(request, now) From 64b4111e3bfc764a90cf2d0b9a3bacf5e61e9aeb Mon Sep 17 00:00:00 2001 From: Cao T Date: Mon, 21 May 2018 16:53:52 -0400 Subject: [PATCH 3/3] Update script.js added isExpired and idleForSeconds --- session_security/static/session_security/script.js | 5 ++++- 1 file changed, 4 insertions(+), 1 deletion(-) diff --git a/session_security/static/session_security/script.js b/session_security/static/session_security/script.js index 48ab42c..e90c257 100644 --- a/session_security/static/session_security/script.js +++ b/session_security/static/session_security/script.js @@ -119,12 +119,15 @@ yourlabs.SessionSecurity.prototype = { this.apply(); }, + idleForSeconds: function() { return Math.floor((new Date() - this.lastActivity) / 1000); }, + isExpired: function() { return this.idleForSeconds >= this.expireAfter; }, + // Apply warning or expiry, setup next ping apply: function() { // Cancel timeout if any, since we're going to make our own clearTimeout(this.timeout); - var idleFor = Math.floor((new Date() - this.lastActivity) / 1000); + var idleFor = this.idleForSeconds(); if (idleFor >= this.expireAfter) { return this.expire();