How do I check if the session token is still active?

Fri Jul 31, 2015 11:17 am

Thanks Yurii,

That works perfectly.

Fri Jul 31, 2015 11:30 am

Hi Joe,

Would you mind summarising the steps you have taken to implement this please? I am usually okay at following examples and instructions here but I'm having trouble understanding this one for some reason. Are you using Katya's suggested server code?

Thanks,
Louis

Fri Jul 31, 2015 6:02 pm

Hi Louis,

I didnt use the server code suggestion.
I created a service to use the existing 'user_id' and 'session_token' from local storage in the request. if the service succeeds then the current session_token is valid. If it fails then the session_token is not valid and then a background login service would run to get the current valid session token.

The problem with this method is that you have to create these 2 services on each page that requires a valid session token. If you require the session token to be valid on a large number of pages then it may be a better idea to use the server code method. I only have 2 pages that use the session token in a service, the rest of my pages don't use the session_token, so therefore users can still use the other pages without a valid session token.

If you use the session token on a lot of page's I'd suggest asking for further instructions with the server code method from the appery team.

But if you want to use my method, here's what I did,

create a local storage variable called 'CheckSessionToken'.

add the global js file using Yurii's code:
pre
var timeOut = 120 * 60 * 1000;
var onTimeout = function(){
console.log("session expired");
localStorage.setItem('CheckSessionToken', "true");
};
var onAjax = function(){
console.log("ajax clere current timer and run new");
window.clearTimeout(self.noActivityTimer);
self.noActivityTimer = window.setTimeout(onTimeout, timeOut);
};
jQuery(document).ajaxStart(onAjax)
/pre

This will automatically change 'CheckSessionToken' to "true" after 120mins of inactivity. (the same amount of time that it takes for the sessiontoken to expire).

I don't know how your page is set up but if assume you already have a service that uses the the session token on the page. you need to make sure that your existing service runs after you have checked the current session token.

On page show add the js on page show:

pre
var check = localStorage.getItem('CheckSessionToken');

if (check === "true"){
CheckSessionTokenService.execute(); // you will create this service in the next step
localStorage.setItem('CheckSessionToken', "false");

else {
// token hasn't expired
// invoke your existing service that you need a valid session token for.

}

}/pre

Now you need to create the service to check if the existing token is valid.

Create a REST service and called it 'CheckSessionTokenService'.
I added the service url: https://api.appery.io/rest/1/db/users...
and kept the the rest of the settings as default.

I added the request parameters:

Headers:
X-Appery-Database-Id (enter the value of this - you can find it under the settings tab of your database)
X-Appery-Session-Token

Query String:
userID

once you've created this service, you need to add it to the page.
on before send, add the mapping from user_id and user_sessiontoken to the service request parameters X-Appery-Session-Token and userID.

if the token is already valid then the check is complete and on success you can invoke your existing service that you need the valid session token for.

if the token isn't valid the service will fail. this is where you need to invoke a 'login service' on error. the login service will get you the new valid session token

Add a login service to your page.

before send, map from local storage your 'username' and 'password' to service request parameters 'username' and 'password' ( if you don't already have username and password saved in local storage you will need to create these variables, and populate them when you user first logs in)

on service success, map the service response token to your local storage sessiontoken. you know have a valid session token.

On success you can now invoke your existing service that requires a valid session token.

if you have any questions just ask.

Regards,
Joe

Fri Jul 31, 2015 7:00 pm

Hi Joe,

This is excellent. Much appreciated. I will work on this tonight and see how I get on. I only have a few pages in my app so I think I will use this method.

Many thanks.

Louis

Sun Aug 02, 2015 6:22 pm

Joe,

Just to say thanks again for taking the time to detail these steps. They were a big help and I was able to follow them easily.

Louis

Tue Aug 04, 2015 3:42 pm

No worries.
Happy to help

Tue Aug 04, 2015 5:43 pm

Joe, you may have a view on, or be interested in this related issue/question that I raised - https://getsatisfaction.com/apperyio/...

Wed Nov 18, 2015 3:05 am

Hello,

I need to use server code and the global service, as defined by Kateryna. I seem to have setup everything, but no matter what i pass, the success event triggers.

I just want to get a sucecss if the session token is valid, and a failure if not.

Wed Nov 18, 2015 3:09 am

oh, and this is what I have on page load of each page:

var id = Apperyio.storage.user.get("$['_id']");
var token = Apperyio.storage.user_session_token.get();
console.log(id);
console.log(token);

checkService.execute({data: {"id": id, "userSessionToken": token}});

Thu Nov 19, 2015 8:06 pm

I think the issue is with something in the server code that is due to a change in Appery over the last year. It seems that I am getting a success all the time since I am successfully passing the into to the server, but it is failing at passing retrieving info from the database.

UPDATE:

no matter what session token or dbid I pass, I get:

{
"message": "1"
}