-
- 141 Posts
Is there a way to automatically logout a logged in user via the Login Snippet once the user closes there browser window? Is this something that can also be done by a session timeout.
Another idea I had is to test each time a page is loaded to see if the previous page (browser history backlink) exists. If not, the browser window must be a new one and therefore any previous sessions should be logged out or ended.
- MODX Version:2.2.8
- PHP Version:5.3.26
- Database (MySQL, SQL Server, etc) Version:MySQL 5.1.70
All advice welcome.
Glyn Szasz
Sydney, Australia
Happy to help (when can) and happy to learn
If you are a Sydney based MODX developer would love to hear from you. Please contact me.
-
- 141 Posts
Yes, I am using the Login add-on and as you mentioned above @hvoort the user is logged out if they quit there browser whilst logged in. When they restart the browser the user is no longer logged in.
BTW my Login snippet call is:
[[!Login? &loginTpl=`loginTPL` &loginResourceId=`3` &logoutResourceId=`18`]]
The case that I am looking for is how to log the user out when they close the browser window or tab and then create a new window or tab and visit the website again. In this case the users session is still alive and thus has access to the site. This is important especially on shared computers in internet cafes and other public places. Not all users quite there browsers once they are finished with them.
Perhaps setting a session timout may help somehow but I am not sure how to do that.
Glyn Szasz
Sydney, Australia
Happy to help (when can) and happy to learn
If you are a Sydney based MODX developer would love to hear from you. Please contact me.
-
- 33 Posts
I see your problem. You can try changing the session time in system settings. In the manager select system settings and area: session and cookies.
Next to that you can try to work with "onbeforeunload" event from the browser. You should Google the cross browser compatibility. I've read that a request won't finish before the tab is closed, but maybe you can delete the cookie before closing.
Or learn your users how to use the logout button ;-)
Hope this helps!
I love flexibility
-
- 141 Posts
session_cookie_lifetime in System Settings looks to be what I am looking for. Does this also affect Logged in managers as opposed to front end web users? If so is there a way to set a different session_cookie_lifetime for mngr and web users?
Glyn Szasz
Sydney, Australia
Happy to help (when can) and happy to learn
If you are a Sydney based MODX developer would love to hear from you. Please contact me.