HackerOne users: Testing against this community violates our program's Terms of Service and will result in your bounty being denied.
How to Set Automatically logout when user is idle for sometime?
jay3rrr
New
Hello. How to set automatically logout when user is idle for 30mins?
i tried the following but nothing happens
session.gc_maxlifetime = 1400 (24mins) session.gc_probability = 1 session.gc_divisor = 100
Thank you in advance guys.
Tagged:
0
Comments
Vanilla doesn't use PHP sessions. You would need to implement that in a custom plugin. I guess you would need to hook into Gdn_CookieIdentity_getIdentity
Your function would have to check User->DateLastActive and maybe update a custom field (e.g. in UserMeta) DateLastActive, because User->DateLastActive is updated only every 20 minutes
Thank you so much @R_J
Hi @R_J do you thing, It is possible to apply the code indicated below for inactivity timeout?
https://gist.github.com/zahedkamal87/a6e4752d7a07ac467dd99d9861e94d95
Use the pockets plugin to insert it onto your page and try it out yourself. The problem I see is that you reload the page before the timeout. A reload will set back all timers and so the timeout can never happen
A Javascript approach can be tricked by the user. Based on the motivation why you are interested in such a timeout that might be okay.
I personally would hate such a feature and "disable" it for myself with a custom GreaseMonkey script
Hello @R_J , for privacy concerns. Because i will use the forum site as private/ exclusive to the members only, that's why i need to activate the automatic logout when the session expires. And just in case member open the site to other devices.
There's a warning in Pockets plugin
can easily break your site if you make a mistake.
i'm not advanced user that's why if you have simple idea i will be glad.
thank you so much,
Oh, one other point that would speak against a Javascript solution: if any user has the browser window open only for 2 minutes and then closes it, he would never be logged earlier than default vanilla behaviour is.
If you additionally don't want users to be logged in from two different browsers, you have to find a complete different approach. I think there is a plugin for that last purpose and if I remember correctly x00 is the author
Indeed
@R_J and @Kaspar thank you so much guys. I will try it. I hope it works. :)
i tested it and not working to version 3.3
Pls enable debug and post the error.
Hello @Aolee.
I don't see any error when i start to use the plugin (OneSession) but it's just not working.
in the plugins description indicates
It will force users to sign in if they have been logged in elsewhere, a single browser session at one time (apart from admins, who are immune)
please see the image below:
(i've been login 1 same non admin account in each different browsers and nothings happen)