Fixed #460 -- Session timeout alert

bireme · Feb 12, 2022 · 8b3d5ef · 8b3d5ef
1 parent ea1f0ab
commit 8b3d5ef
Show file tree

Hide file tree

Showing 3 changed files with 61 additions and 2 deletions.
diff --git a/symphony/app/Resources/views/base.html.twig b/symphony/app/Resources/views/base.html.twig
@@ -126,6 +126,11 @@
         </div>
     </div>
 
+    <!-- Modal Session Timeout Alert -->
+    {% if is_granted("ROLE_USER") and session_lifetime %}
+        {% include 'sessionTimeoutAlert.html.twig' %}
+    {% endif %}
+
     <script>
         $('body').on('hidden.bs.modal', '.modal', function () {
             $(this).removeData('bs.modal');

diff --git a/symphony/app/Resources/views/sessionTimeoutAlert.html.twig b/symphony/app/Resources/views/sessionTimeoutAlert.html.twig
@@ -0,0 +1,48 @@
+<div class="modal fade" id="modal-session-timeout-alert" tabindex="-1" role="dialog" aria-labelledby="myModalLabel">
+    <div class="modal-dialog" role="document">
+        <div class="modal-content">
+            <div class="modal-header">
+                <button type="button" class="close" data-dismiss="modal" aria-label="Close"><span aria-hidden="true">&times;</span></button>
+                <h4 class="modal-title" id="myModalLabel">{% trans %}Session Timeout Alert{% endtrans %}</h4>
+            </div>
+            <div class="modal-body">
+                <p id="countdown_message" class="text-center"></p>
+            </div>
+            <div class="modal-footer">
+                <button type="button" class="btn btn-default" data-dismiss="modal">{% trans %}Close{% endtrans %}</button>
+            </div>
+        </div>
+    </div>
+</div>
+
+{% block script %}
+    <script>
+        $(function(){
+            function initCountdown() {
+                var counter  = {{ session_lifetime }};
+
+                var sessionTimeoutAlert = setInterval(function() {
+                    if(counter == 60) {
+                        $('#modal-session-timeout-alert').modal('show');
+                    }
+
+                    if(counter >= 0) {
+                        document.getElementById("countdown_message").innerHTML="{% trans %}You will be logged out in{% endtrans %} <b>"+counter+"</b> {% trans %}seconds{% endtrans %}";
+                    }
+                    
+                    if(counter == 0) {
+                        document.getElementById("countdown_message").innerHTML="{% trans %}Your login has expired.{% endtrans %}";
+
+                        $.ajax({
+                            url: '{{ path('logout_route') }}'
+                        });
+                    }
+
+                    counter--;
+                }, 1000);
+            }
+
+            initCountdown();
+        });
+    </script>
+{% endblock %}
diff --git a/symphony/app/config/config.yml b/symphony/app/config/config.yml
@@ -22,9 +22,14 @@ framework:
     trusted_proxies: ~
     session:
         # handler_id set to null will use default session handler from php.ini
-        handler_id:  ~
-        cookie_secure: true
+        handler_id: session.handler.native_file
+        # save_path: '%kernel.root_dir%/sessions'
+        cookie_secure: false
         cookie_httponly: true
+        cookie_lifetime: 0     # cookie is destroyed when the browser is closed
+        gc_divisor: 100        # garbage collector process on each request (100/100)
+        gc_probability: 100    # garbage collector process on each request (100/100)
+        gc_maxlifetime: 172800 # session is destroyed after lifetime of user idle
     fragments:       ~
     http_method_override: true
 
@@ -34,6 +39,7 @@ twig:
     strict_variables: "%kernel.debug%"
     globals:
         auth_type: '%auth_type%'
+        session_lifetime: 172800 # set to the same value as gc_maxlifetime
 
 # Assetic Configuration
 assetic: