I am trying to implement a way to check if the user session has expired and then pop-up a modal letting the user know.
Here is what I have so far.
Route
Route::get('auth-check', ['uses' => 'UsersController@authCheck', 'as' => 'auth.check']);
UsersController
use Illuminate\Contracts\Auth\Guard;
class UsersController extends Controller {
public function __construct(Guard $auth)
{
$this->auth = $auth;
}
...
/*
* returns {status: false} or {status: true}
*/
public function authCheck()
{
return response(['status' => $this->auth->check()])
->header('Content-Type', 'application/json');
}
}
Master blade (so it can be checked on any page)
<!-- Modal -->
<div class="modal fade" id="session-expired">
<div class="modal-dialog">
<div class="modal-content">
<div class="modal-header">
<h4 class="modal-title">Session Expired!</h4>
</div>
<div class="modal-body">
<p>Your session has expired, please login to continue.</p>
</div>
<div class="modal-footer">
<a href="{!! route('login') !!}" class="btn btn-danger">Login</a>
</div>
</div>
</div>
</div>
JS
@if(Auth::check())
$.fn.timer = function()
{
$.get("{{ route('auth.check') }}", function (data) {
data.status == false ? $('#session-expired').modal({ show: true, backdrop: 'static' }) : $('#session-expired').modal('hide');
});
};
window.setInterval(function(){
$('#timedOutSession').timer();
},10000);
@endif
It kinda works, when I am logged in it returns {status: true}
. But after 5-10 requests on checking the auth user the session dies for some reason and it returns {status: false}
. Like making so many auth checks kills the session as a security measure or something.
Anyone mess around with letting a user know if their session has expired? Reason being is the application is very form based and users may leave a form page open and come back in the next day and the session has expired but they will go through the process of filling out the lengthy form and submit it just to find out they are not logged in.
Any ideas or better ways to do this would be quite welcome.