Geek Answers Handbook

Automatically logging out of ASP.NET

I am doing a group project with four other people. We are developing a kiosk for working in ASP.NET in MVC4 with built-in C #.

I am working to ensure that the system registers the user if they are idle for 10 minutes. I need help on how to start coding so that the system can log the user out of the system.

+4
source share
5 answers

If you do not use Windows Authentication, this at least depends on the session timeout, which you can control through web.config:

<configuration> <system.web> <sessionState timeout="10" /> </system.web> </configuration>

Since most methods rely on sessions in some way, this will work in most scenarios.

+9
source

The answer you are looking for is the one AliK suggested. You want to set an automatic timeout in the web.config file so that it automatically logs out and redirects them to the login page after a certain downtime.

 <authentication mode="Forms"> <forms loginUrl="Login.aspx" protection="All" timeout="1" slidingExpiration="true"> </forms> </authentication>

If I remember correctly, the timeout value is in minutes, not seconds or milliseconds. Also, a sliding expiration means that the timeout will be reset every time you perform an action on a website. Therefore, if you have a timeout of 5 minutes, and you sit idle for 4, before clicking a button on the site, after clicking a button you get a new 5-minute timeout.

+6
source

This is how I do it if you use FormsAuthentication:

Controller action:

 public ActionResult CheckLogin() { if (Request.Cookies["CookieName"] == null) return Json(0, JsonRequestBehavior.AllowGet); var cookie = Request.Cookies["CookieName"].Value; var ticket = FormsAuthentication.Decrypt(cookie); var secondsRemaining = Math.Round((ticket.Expiration - DateTime.Now).TotalSeconds, 0); return Json(secondsRemaining, JsonRequestBehavior.AllowGet); }

Jquery on every page or layout page:

 <script> $(function () { setTimeout(doStuff, 1000); }); function doStuff() { $.ajax("/CheckLogin").done(function (data) { if (data <= 60) { startLogout(data); } else { setTimeout(doStuff, 1000); } }); } function startLogout(seconds) { var countdown = setInterval(function () { //Show something here if (count == 0) { clearInterval(countdown); //Do something here } seconds--; }, 1000); } </script>
+3
source

If you need them to log out automatically, start with Linus Caldwell's suggestion for setting a timeout for the web.config session. His example shows 30 minutes, so you just change it to 10. The user will not know that they are logged out, although they are actually trying to request some server resource. For this to happen automatically, you can go in several ways. Both of these methods include automatic page refresh after a timeout period. One way is to use a javascript timer. Another is to add an update header to each page.

 <script type="text/javascript"> var seconds = 60 * 11;// set timer for 11 minutes (1 minutes after session expires) countdown(); function countdown(){ seconds--; if (seconds <= 0){ window.location.reload(); // force a refresh. }else{ setTimeout('countdown()', 1000); } } </script>

Another way would be your global.asax:

 protected void Application_BeginRequest() { Response.Headers.Add("Refresh", Convert.ToString(Session.Timeout * 11)); }
+1
source

If on Idle you mean the absence of a mouse and keyboard events from the user, and I understand your requirement correctly, you should check the jquery-idleTimeout plugin.

Another good one is jQuery idleTimer Plugin

hope this helps.

0
source

More articles:


All Articles