Forum | Appery.io

Yes I understood maryna's answer above but I don't want to implement that approach because it will increase the number of database calls and also I will have to call that service on every page of my app and that won't be feasible because the number of pages in my app are very high!

What I meant earlier was that is there any possible way to increase the 120 minutes duration of session expiry? Like make that duration infinite so that I don't have to make so many database calls on so many pages!

Hi Asif,

You can not increase this idle user session token expire interval.

So only way to do it - implement suggested above.

Regards.

Oh ok! I'll do that for now!

But please recommend the development team to look into this and provide a way to increase the idle user session token time in the future if possible!

Thank you!

Hello Asif,

Thank you for the update. We'll pass your suggestion.

This answer is from a year ago. I am fairly new to Apperio.io. I just tested this in my test app and it is working. However besides checking only on userid I pass the username as well which I store in localstorage after a user logs in. And then check if both values from the user row are correct.

What I'm thinking of is to add a column "token" to the users collection and store the sessionToken after login. And use that as well for verifying?

Or is this overkill?

Just a thought.

Guus,

Session token could be expired. And you can not handle it with checking token inside user collection.

So it's overkill for this case.

Regards.

Hi Katya/Yurii/Maryna,

I intend to implement this solution for the purposes of keeping users signed in for longer. I have a couple of questions though.

1. I assume that Katya's detailed code is an extension of (rather than an alternative to) Maryna's earlier answer - in other words a way to use server code to do what Maryna suggested (i.e. query the users collection for minimal data to see if the session has expired). Is this correct?

2. Katya says: "You would need to add some actions to onSuccess/onError/onComplete event to perform needed actions depending on a check result." If possible, please provide an example, ideally one showing how to auto-login if the session has expired. That would complete this pseudo-tutorial I think.

3. I assume that to auto-login, one would need to store the user's password in a storage variable. Is there any way to do this securely and also securely pass it when calling the auto-login service?

   Finally, as this is presumably a widely needed feature (most mobile apps allow persistent logins), can I suggest that this solution, and any alternatives, be presented as a proper tutorial, perhaps as one of Max's videos? Or better still please provide a new application setting to extend the login beyond the current 2 hours.

   Thanks.

Is it secure to save the password in LSV?

Hi guys,

I've set up a service to check if the sessiontoken has expired.
If sessionToken has expired a login services runs to get the new sessionToken.
This all works great.

The only problem is that I have to call the first service on every page.
To reduce the amount of calls I have the code on every page show:
pre

var check = localStorage.getItem('CheckSessionTokenLSV');

if (check === "true"){
CheckSessionToken.execute();
localStorage.setItem('CheckSessionToken', "false");
}

/pre

how can I set the 'CheckSessionTokenLSV' to "true" after 120mins of inactivity?
or something similar?

Thanks,
Joe

Hi Joe,

You can listen jQuery global ajax start event.
Details: https://api.jquery.com/ajaxStart/

Here is a solution to set some localstorage to true after 120 min of inactivity.

1 Create new JS asset.

2 Populate it with following JS code:

pre

var timeOut = 120 * 60 * 1000;
var onTimeout = function(){
console.log("session expired");
localStorage.setItem('CheckSessionToken', "true");
};

var onAjax = function(){

 console.log("ajax clere current timer and run new"); 

 window.clearTimeout(self.noActivityTimer); 

 self.noActivityTimer = window.setTimeout(onTimeout, timeOut); 

};

jQuery(document).ajaxStart(onAjax)

/pre

Regards.