Auto Session Expiry: User Notification Modal & Renewal Tips

Kartik Chandra Mandal June 11, 2019

Overview

Our application features a session that automatically expires after 30 minutes, with renewal occurring through server communication. What is the most effective method to inform users about an expiring session? One idea is to present a modal warning shortly before the session ends, stating "Your session is nearing expiration [continue]" (is there a better phrasing?). This would allow users to extend their session while the renewal process occurs in the background.

• Is it ever suitable to show a session timer to users?

• Is it ever acceptable to let a session expire without giving users a chance to extend it?

• Should users be informed about the session expiration time if they have the option to extend it?

 

For more understanding: click

 

<%@ page import = "com.kartik.config.SessionUtil" %>

<html>

<head>

 

<script type="text/javascript">

/////////////////////////////////////////////////////////////////////////////

//////////////////Below code for Right click disable/////////////////////////

////////////////////////////////////////////////////////////////////////////

window.onload = function() {

    document.addEventListener("contextmenu", function(e){

      e.preventDefault();

    }, false);

    document.addEventListener("keydown", function(e) {

    //document.onkeydown = function(e) {

      // "I" key

      if (e.ctrlKey && e.shiftKey && e.keyCode == 73) {

        disabledEvent(e);

      }

      // "J" key

      if (e.ctrlKey && e.shiftKey && e.keyCode == 74) {

        disabledEvent(e);

      }

      // "S" key + macOS

      if (e.keyCode == 83 && (navigator.platform.match("Mac") ? e.metaKey : e.ctrlKey)) {

        disabledEvent(e);

      }

      // "U" key

      if (e.ctrlKey && e.keyCode == 85) {

        disabledEvent(e);

      }

      // "F12" key

      if (event.keyCode == 123) {

        disabledEvent(e);

      }

    }, false);

    function disabledEvent(e){

      if (e.stopPropagation){

        e.stopPropagation();

      } else if (window.event){

        window.event.cancelBubble = true;

      }

      e.preventDefault();

      return false;

    }

  };

 

/////////////////////////////////////////////////////////////////////////////

//////////////////Below code for Inactivity functions below are used to //////

/////////////////automatically redirect the page to the /////////////////////

/////////////////logoff script when the user's session is up.////////////////

////////////////////////////////////////////////////////////////////////////

 

 

var secondsPassed = 0;

 

 

function ShowTimePassed()

{

 

    var minutesBeforeLoggedOut = 1;//before one minute one confirm message should be display

    var minutesToWarning=document.form.sessionTime.value;//get the time for in-activity time

    secondsPassed+=1;

 

    if(minutesBeforeLoggedOut == -1)

    {

        if(secondsPassed == 30)

        {

            secondsPassed = 0;

        }

    }

    else{

        if(secondsPassed ==minutesToWarning*60)

        {

            var answer;

            var currentTime = new Date();

            var expiredTime = new Date();

            var minutes = expiredTime.getMinutes();

            minutes+=minutesBeforeLoggedOut;

            expiredTime.setMinutes(minutes);

           

            if(minutesBeforeLoggedOut==1)

                answer = confirm("It is now "+ currentTime.toLocaleTimeString()+" You have "+minutesBeforeLoggedOut+" minute left before getting logged out. Do you want to extend the session?");

            if(answer){

                secondsPassed = 0;

                currentTime = new Date();

               if(currentTime>expiredTime){

                    alert("You've exceeded the time needed to extend the session. You will be logged out now");

                    var path='<%= request.getContextPath() %>';

                 var url=path+"/logout.do";

                 window.top.location=url;

                 //window.location=url;

                }

            }

        }

    }

}

 

window.setInterval('ShowTimePassed()', 1000);

</script>

 

</head>

<body>

<%

 String url = System.getProperty("configMaintenanceOption");

 if(url !=null && url.equalsIgnoreCase("TRUE"))

 {

 %>

<body onLoad="ShowTimePassed();" onKeyPress="ShowTimePassed();" onmousemove="ShowTimePassed();" onclick="ShowTimePassed();" onscroll="ShowTimePassed();" oncontextmenu="return false;">

<form name="form">

<img src="<%= request.getContextPath() %>/images/headergrey.gif" />

<input type=hidden id="sessionTime" name="sessionTime" value="<%=SessionUtil.SESSION_TIME_OUT%>">

</form>

</body>

<%}else{%>

<body oncontextmenu="return false;">

<form name="form">

<img src="<%= request.getContextPath() %>/images/headergrey.gif" />

<input type=hidden id="sessionTime" name="sessionTime" value="<%=SessionUtil.SESSION_TIME_OUT%>">

</form>

</body>

<%}%>

</body>

</html>

 

 




session out confirm message
session out confirm message




Post a Comment

0 Comments

Post a Comment