How can I log out of the admin system in SilverStripe 3.1.x after a period of inactivity?

Question

How can I log out of the admin system in SilverStripe 3.1.x after a period of inactivity?

How to end an administrator session after a period of inactivity in SilverStripe 3.1.x? Is there a configuration option for this?

I searched and found the following code fragment, which when placed in the Page_Controller class works for users with an interface, but is completely inefficient in the administration area.

public function init() {
    parent::init();
    self::logoutInactiveUser();
}


public static function logoutInactiveUser() {
    $inactivityLimit = 1; // in Minutes - deliberately set to 1 minute for testing purposes
    $inactivityLimit = $inactivityLimit * 60; // Converted to seconds
    $sessionStart = Session::get('session_start_time');
    if (isset($sessionStart)){
        $elapsed_time = time() - Session::get('session_start_time');
        if ($elapsed_time >= $inactivityLimit) {
            $member = Member::currentUser();
            if($member) $member->logOut();
            Session::clear_all();
            $this->redirect(Director::baseURL() . 'Security/login');
        }
    }
    Session::set('session_start_time', time());
}

After more than 1 minute of inactivity, the administrator is still logged in and the session does not expire.

+4

security session-timeout silverstripe

DL Jun 11 '14 at 8:51

source share

3 answers

, , .

mysite/code MyLeftAndMainExtension.php :

<?php

class MyLeftAndMainExtension extends Extension {

    public function onAfterInit() {

        self::logoutInactiveUser();

    }


    public static function logoutInactiveUser() {
        $inactivityLimit = 1; // in Minutes - deliberately set to 1 minute for testing 
        $inactivityLimit = $inactivityLimit * 60; // Converted to seconds
        $sessionStart = Session::get('session_start_time');
        if (isset($sessionStart)){
            $elapsed_time = time() - Session::get('session_start_time');
            if ($elapsed_time >= $inactivityLimit) {
                $member = Member::currentUser();
                if($member) $member->logOut();
                Session::clear_all();
                Controller::curr()->redirect(Director::baseURL() . 'Security/login');
            }
        }
        Session::set('session_start_time', time());
    }

}

mysite/_config.php

LeftAndMain::add_extension('MyLeftAndMainExtension');

, . yml, mysite/_config/config.yml:

LeftAndMain:
  extensions:
    - MyLeftAndMainExtension

+2

D-L 11 . '14 11:18

Session.timeout config . - 5 CMS .

- CMS , -. , CMS ( ) , (, ). , CMS ping 5 , . , LeftAndMain.session_keepalive_ping config false, .

+1

simon_w 11 . '14 11:53

source share

chunk_split · Accepted Answer · 2016-07-13T00:30:22+0000

, , , . , LeftAndMain.session_keepalive_ping simon_w - . , ( , SilverStripe 3.3+), . , .

, , ( ) , CMS LeftAndMain.session_keepalive_ping, _config.yml, .

: mysite/_config.php :

// Disable back-end AJAX calls to /Security/ping
Config::inst()->update('LeftAndMain', 'session_keepalive_ping', false);

CMS , , , ( ). , , , , _config.yml, - , , CMS. , , .

- mysite/_config/config.yml, , (, 30 ):

# Set session timeout to 30min.
Session:
  timeout: 1800

: ?

, ( ?), LeftAndMain.session_keepalive_ping false, framework PR # 3272 PR # 3275

, - , !

How can I log out of the admin system in SilverStripe 3.1.x after a period of inactivity?

More articles: