On Monday, April 24, 2017 at 12:49:56 PM UTC-7, Anthony wrote: > > On Monday, April 24, 2017 at 6:52:16 AM UTC-4, A3 wrote: >> >> Thanks, I thought there was a standard solution. >> > > This is not a very common pattern except on highly secure websites (e.g., > banking). >
Indeed, a common use of a webpage is as a reference while you're working on a relevant task in another window, and having it wiped out because of a timer would be annoying. Tradeoffs are everywhere. > >> Unfortunately it doesn't work: >> I hoped it worked but it seems that the ajax call keeps the user logged >> in. >> >> That's also why an html refresh header wouldn't work :-) Is it possible to read the time left from auth.settings.expiration ? >> > > Why not just use the value of auth.settings.expiration directly in your > Javascript? When the page first loads, you want to force the user to log > out if that much time expires with no activity, right? > Sounds good. There's just that little matter that some of us need to be reminded of the ways to pass python values to Javascript. /dps -- Resources: - http://web2py.com - http://web2py.com/book (Documentation) - http://github.com/web2py/web2py (Source code) - https://code.google.com/p/web2py/issues/list (Report Issues) --- You received this message because you are subscribed to the Google Groups "web2py-users" group. To unsubscribe from this group and stop receiving emails from it, send an email to web2py+unsubscr...@googlegroups.com. For more options, visit https://groups.google.com/d/optout.