用户退出应用程序但不执行注销操作时自动注销 [英] Auto Logout when user leaves the application without doing logout action

问题描述

有时，用户离开应用程序时无需单击注销按钮，也无需关闭或休眠其计算机，甚至关闭与应用程序域相关的所有会话(页面).因此服务器无法知道用户已注销！.如果是这种情况，我们有一个花费在上次会话上的时间"参数来检查为每个用户激活的上次会话的时间.

Sometimes , an user leave an application without clicking on logout button, or do shutting down or hibernating of its Machine, pr even close all sessions (pages) which related to the application domain. So the server cannot knows that the user has been logged out!. If our case, we have a "time spent on last session" parameter to check the time of last session activated for each user.

我们需要在用户退出应用程序时自动注销用户，而无需执行注销操作！ 有什么过程要做吗?

We need to auto Logout user when he leaves the application without doing logout action! Any process to do?

谢谢.

推荐答案

您可以在服务器上设置cron作业以检查过时的会话，但这不是一个很好的解决方案，因为您必须使用以下方法部署另一个解决方案(cron作业)您的项目. 我这样做的方法是在项目中包含一个check_credentials.php文件，该文件在您与数据库建立连接后立即运行，然后您将在您的用户表中为您的项目用户添加两个字段: session_id last_checkin . 该过程将如下所示:

You could set a cron job on the server to check for stale sessions But this is not a great solution since you have to deploy another solution (cron job) with your project. The way I would do it is have a check_credentials.php file included in your project that runs right after your DB connection, you will then add two fields in your users table for your projects users called: session_id AND last_checkin. The process will work like so:

登录:

1. 创建会话并可以在第一次命中时从PHP检索session_id(尚未登录)
2. 如果用户进行身份验证，则将session_id以当前时间戳记为last_checkin保存到DB

然后，您可以让所有用户在每个页面请求时进行过时的会话检查:

Then you can have all the users do stale session checks at every page request:

页面查询:

1. 从last_checkin超过10分钟的所有用户中删除session_id.
2. 检查我当前的session_id = db.session_id
3. 如果会话不匹配，请注销并发送用户到login.php
4. 如果session_id匹配，则更新last_checkin

这篇关于用户退出应用程序但不执行注销操作时自动注销的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！