Prevent ajax calls from updating session timeout with CakePHP

Question

I'm using some long pooling in JavaScript of this kind:

setInterval(demo, 3000);

function demo(){
    $.get(url, params, function(data){
        //whatever
    });
}

Being url a URL to a CakePHP controller action returning JSON.

But I want my session to only last 20 minutes since the user last action on the screen. This is, ignoring the pooling which is taking place every 30 seconds. Otherwise the session will last forever.

Any solution to this?

Use a Cake3 **or** Cake2 tag. It doesn't make much sense to tag a question for both versions. — floriank, Jun 21 '16 at 20:12
**http://stackoverflow.com/questions/32298817/how-to-prevent-cakephp-3-0-from-extending-session-timeout-with-ajax-requests** That is for 3.x, but it's the same concept in 2.x, so... — ndm, Jun 21 '16 at 20:27

score 2 · Answer 1 · answered Jun 21 '16 at 20:11

2

Store the last login time in the session when a request happens compare it to the current time when a request comes in. If the current time is greater than last login time + 20min call the logout() method of the auth component.

answered Jun 21 '16 at 20:11

floriank

25,546
9
42
66

Sonu Verma · Accepted Answer · 2016-06-24T03:05:29.047

Please use this in app controller in beforeFilter function

if(!$this->request->is('ajax')){
             $LastActivity = $this->Session->read('LastActivity');
             if ($LastActivity != '' && (time() - $LastActivity) > 1200) {//for 20 minute
                $this->Auth->logout();
                $this->redirect('/');
            }
             $this->Session->write('LastActivity', time());
            }

Prevent ajax calls from updating session timeout with CakePHP

2 Answers2

Linked