Thanks, I thought there was a standard solution. I tried this:
add this scrip to layout: <script> var time = new Date().getTime(); $(document.body).bind("mousemove keypress", function(e) { time = new Date().getTime(); }); function refresh() { if(new Date().getTime() - time >= 60000) ajax("{{=URL('default', 'login_status')}}", [], ':eval') else setTimeout(refresh, 10000); } setTimeout(refresh, 10000); </script> and this function to the default controller. def login_status(): if auth.user: return '' # user is still logged in else: redirect(URL('default', 'index'), client_side=True) The java script checks every 10 second for mouse activity: if there is 60 seconds no activity it will make an ajax call to see if the user is still logged in. if not logged in it will redirect. http://stackoverflow.com/questions/4644027/how-to-automatically-reload-a-page-after-a-given-period-of-inactivity http://stackoverflow.com/questions/10323714/how-to-dynamically-check-logged-in-state-from-view-in-web2py Unfortunately it doesn't work: I hoped it worked but it seems that the ajax call keeps the user logged in. Is it possible to read the time left from auth.settings.expiration ? -- Resources: - http://web2py.com - http://web2py.com/book (Documentation) - http://github.com/web2py/web2py (Source code) - https://code.google.com/p/web2py/issues/list (Report Issues) --- You received this message because you are subscribed to the Google Groups "web2py-users" group. To unsubscribe from this group and stop receiving emails from it, send an email to web2py+unsubscr...@googlegroups.com. For more options, visit https://groups.google.com/d/optout.