Jon/All:
I am summarizing things here hoping that it'll help somebody else or
perhaps open some room for discussion, possible approaches to this,
etc. This is how I ended up implementing Session Timeouts with ajax
requests.
========
Description:
========
When a session times out, if a new ajax request comes in, action
should be taken to ensure the user is properly alerted or re-directed
to the login page with the appropriate message.
==================
Solution/Implementation:
==================
I decided to implement this using the easiest of all Comet approaches,
polling.
==========
AppController:
==========
Add to beforeFilter
/**
* Referencing the name of the element to be rendered
* should a new ajax request come in and the session has expired.
*/
$this->Auth->ajaxLogin = 'session_expired';
======
Element:
======
session_expired.ctp contains:
{success: false}
=============
Comet Controller:
=============
class CometController extends AppController {
var $name = 'Comet';
var $uses = null;
public function index() {
if ( $this->RequestHandler->isAjax() ) {
$this->set('status', json_encode(
array(
'success' => true
)
));
}
} // end of index()
} // End of CometController{}
==============
Comet Index View: (contains)
==============
<?php echo $status ?>
So far we have:
a) A property setup in AppController that allows us to realize when
the session has expired for a new ajax request (ajaxLogin)
b) A controller that will be used to process Polling or a Task that
will be polling for status every X amount of time.
c) If the session has not expired, index will be rendered containing a
json property of success: true
d) If the session has expired, then the element will be rendered. In
this case containing success: false.
On the client side I created a Task that polls every X amount of time
by sending an ajax request. There is a callback setup in place to read
the response and if success is false, it moves on to stopping the Task
and since the session has already expired re-direct the user to the
login screen. At this point you have the option of presenting the user
with a Modal Dialog or something along those lines before you even re-
direct them to the login page. I am not posting my implementation for
this part because it's specific to the framework that I am using which
is 100 % javascript and ajax.
Feel free to provide comments or suggest different ways to accomplish
this. I opted in this case for perhaps the simplest approach to the
various comet possible implementations out there. This has some
benefits and of course some disadvantages as well since you are
polling the server every X amount of time. However, the impact is
almost insignificant since there is only post requests coming in and
only very little json being sent back to the client.
Thanks in advance,
Alfredo
On Feb 22, 7:25 am, Alfredo Quiroga-Villamil <laww...@gmail.com>
wrote:
> Jon:
>
> Yeah, that's the issue I currently have. If I was only making one ajax
> request here and there it would be fine. A callback would work. In
> fact, the ajaxLogin property in Auth is quite convenient, since it'll
> allows us to render an element if the session has expired and a new
> ajax request comes in. We could return json with say a propery of
> success set to false alonng with the corresponding description. I've
> tested this and it works as expected.
>
> However my entire UI is built using javascript and all the actions in
> the UI invoke ajax requests. This makes analyzing or creating
> callbacks for everyone of these cases cumbersome.
>
> The way to go here seems to be using a Comet approach also known as
> server-push, reverse ajax, ajax push and others. I am taking my time
> reading and trying to see how to best implement this for my
> environment.
>
> Once I have an implemented solution I will post it here. For now in
> the short term I've extended my session time a little bit.
>
> Let me know what you find or how you decide to go about this. Quite an
> interesting problem and it'll be around for a while I guess since we
> all tend to use ajax more and more these days.
>
> Thanks in advance,
>
> Alfredo
>
> On Sat, Feb 21, 2009 at 8:52 PM, Jon <cake...@jonwu.com> wrote:
>
> > I'm having the same problem and I'm curious what solution you come up
> > with. I haven't taken the time to play around with it yet but am
> > wondering if you can just make the AJAX pages return some specific
> > text that will indicate that you're logged out. Then maybe you can
> > have an AJAX callback analyze the response and redirect if necessary.
> > That seems a little hackish so I'm wondering if there's a better way.
>
> > Thanks,
> > Jon
>
> > On Feb 20, 6:26 pm, Alfredo Quiroga-Villamil <laww...@gmail.com>
> > wrote:
> >> Thanks Miles.
>
> >> I finally had a little bit of time to devote to this and brainstorm
> >> for a few minutes. The issue is a bit more involved than what I had
> >> originally thought. I didn't throughly think about my environment and
> >> current implementation. All my requests are being sent via ajax. This
> >> changes the game a little.
>
> >> There is a parameter in AppController that allows me to render an
> >> element if the session has expired for an ajax request.
>
> >> I am currently exploring and thinking about a clean solution to handle
> >> the re-direct on th client side since ajax is the issue here. If
> >> anyone has ran into this before and has come up with a clean solution
> >> please feel free to suggest it.
>
> >> Thanks in advance,
>
> >> Alfredo
>
> >> On Fri, Feb 20, 2009 at 9:20 PM, Miles J <mileswjohn...@gmail.com> wrote:
>
> >> > I have autoRedirect disabled as well but my redirect works fine. Make
> >> > sure your allow() in each controller isn't allowing those pages to be
> >> > viewed.
--~--~---------~--~----~------------~-------~--~----~
You received this message because you are subscribed to the Google Groups
"CakePHP" group.
To post to this group, send email to cake-php@googlegroups.com
To unsubscribe from this group, send email to
cake-php+unsubscr...@googlegroups.com
For more options, visit this group at
http://groups.google.com/group/cake-php?hl=en
-~----------~----~----~----~------~----~------~--~---
