如何防止CakePHP 3.0使用ajax请求扩展会话超时？ [英] How to prevent CakePHP 3.0 from extending session timeout with ajax requests?

问题描述

如何防止CakePHP 3.x在对服务器进行后台ajax调用时扩展我的用户会话？我也使用jquery的$ .ajax（）。

How can I prevent CakePHP 3.x from extending my users session when background ajax calls are made to the server? I am using jquery's $.ajax() as well.

我有一个setInterval每分钟运行一次，以获得一些用户通知。我的应用程序是一个EHR，我需要保持严格的会话超时。我收到通知Javascript基本上只是使我的会话无限，因为ajax调用是延长会话。

I have a setInterval running once a minute to get some user notifications. My application is an EHR and I need to maintain strict session timeout. My get notifications Javascript basically just made my sessions unlimited because the ajax calls are extending the sessions.

我认为在几个星期前在CakePHP书中看到了一些东西，

I thought a saw something in the CakePHP book about this a few weeks ago but I can't seem to find it today.

感谢您，
Daren

Thanks, Daren

推荐答案

通常这是你需要自己处理的东西，即实现你自己的超时机制。如何处理它，取决于。

Generally this is something that you need to handle on your own, ie implement your own timeout mechanism. How to handle it, depends.

您希望仅排除AJAX背景活动，因此您需要访问请求对象，并且您可能希望处理此类越早越好。鉴于这个先决条件，我可能使用调度过滤器，您可以根据当前请求是否是AJAX请求来延长超时，并在涉及任何控制器之前销毁会话。

You want to exclude AJAX background activity only, so you need to have access to the request object, and you most probably want to handle this as early as possible. Given this prerequisites, I'd probably use a dispatcher filter, where you can extend the timeout depending on whether or not the current request is an AJAX request, and destroy the session before any controllers are involved.

这里有一个非常基本的自我解释的例子，它假设 timeout //book.cakephp.org/3.0/en/development/sessions.html#session-configurationrel =nofollow> 会话配置 。

Here's a very basic, pretty much self-explantory example, which assumes that the timeout option value is set for the session configuration.

src / Routing / Filter / SessionTimeoutFilter.php

namespace App\Routing\Filter;

use Cake\Core\Configure;
use Cake\Event\Event;
use Cake\Routing\DispatcherFilter;

class SessionTimeoutFilter extends DispatcherFilter
{
    public function beforeDispatch(Event $event)
    {
        /* @var $request \Cake\Network\Request */
        $request = $event->data['request'];

        $session = $request->session();
        $lastAccess = $session->read('SessionTimeoutFilter.lastAccess');

        if (
            $lastAccess !== null &&
            time() - $lastAccess > Configure::read('Session.timeout') * 60
        ) {
            $request->session()->destroy();
        }

        if (!$request->is('ajax')) {
            $session->write('SessionTimeoutFilter.lastAccess', time());
        }
    }
}

src / config /bootstrap.php

DispatcherFactory::add('SessionTimeout');

根据您的特定需求，您可以在应用程序中放置类似的代码，有权访问请求对象。

Depending on your specific needs, you can of course place similar code pretty much anywhere in your application where you have access to the request object.

这篇关于如何防止CakePHP 3.0使用ajax请求扩展会话超时？的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！