Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

expired session for ajax #110

Open
wants to merge 3 commits into
base: master
Choose a base branch
from
Open

expired session for ajax #110

Show file tree
Hide file tree
Changes from all commits
Commits
Show all changes
3 commits
Select commit Hold shift + click to select a range
d0c75b3
Update middleware.py
caot Aug 29, 2017
1476aae
Update middleware.py
caot Apr 18, 2018
64b4111
Update script.js
caot May 21, 2018
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
6 changes: 6 additions & 0 deletions session_security/middleware.py
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -11,8 +11,10 @@

from datetime import datetime, timedelta

from django.contrib import messages
from django.contrib.auth import logout
from django.core.urlresolvers import reverse, resolve, Resolver404
from django.views import defaults

try:
from django.utils.deprecation import MiddlewareMixin
Expand Down Expand Up @@ -62,7 +64,11 @@ def process_request(self, request):
delta = now - get_last_activity(request.session)
expire_seconds = self.get_expire_seconds(request)
if delta >= timedelta(seconds=expire_seconds):
request._messages._queued_messages = []
Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

what is this for ?

messages.info(request, 'Your session has expired (%s). Please login again.' % delta)
logout(request)
if request.is_ajax():
return defaults.http.HttpResponseForbidden('403 Forbidden: %s' % msg, content_type='text/html')
Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

what's that supposed to do

Copy link
Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

If session is expired, a ajax call will get the righ feedback information. That's response.responseText will be '403 Forbidden: %s' % msg

Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

makes sense

elif (request.path == reverse('session_security_ping') and
'idleFor' in request.GET):
self.update_last_activity(request, now)
Expand Down
5 changes: 4 additions & 1 deletion session_security/static/session_security/script.js
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -119,12 +119,15 @@ yourlabs.SessionSecurity.prototype = {
this.apply();
},

idleForSeconds: function() { return Math.floor((new Date() - this.lastActivity) / 1000); },
isExpired: function() { return this.idleForSeconds >= this.expireAfter; },

// Apply warning or expiry, setup next ping
apply: function() {
// Cancel timeout if any, since we're going to make our own
clearTimeout(this.timeout);

var idleFor = Math.floor((new Date() - this.lastActivity) / 1000);
var idleFor = this.idleForSeconds();

if (idleFor >= this.expireAfter) {
return this.expire();
Expand Down