Inactivity logout

Archives Yii 1.0.x Discussions
1

I'm trying to add functionality such that a user is automatically logged out after a specified period of inactivity.  I think I have it working using a filter, and am just curious if there's a better way.

First, the lastActivity attribute is set upon user login in the authenticate() function:



$this->setState('lastActivity', time());

Next, the filter class defined in application.filters.UserInactivityFilter:



class UserInactivityFilter extends CFilter


{


    const TIMEOUT_PERIOD=3600;   //Number of seconds before auto-logout





    protected function preFilter($filterChain)


    {


		$user = Yii::app()->getUser();


		if (!$user->isGuest)


		{


			if (time() - $user->lastActivity > self::TIMEOUT_PERIOD)


				Yii::app()->user->logout();


			else


				$user->lastActivity = time();


		}	





        return true; 


    }


}

Then each controller that requires this inactivity check has it added to filters() prior to the accessControl filter:



public function filters()


{


	return array(


		array('application.filters.UserInactivityFilter'), // checks for user inactivity


		'accessControl', // perform access control for CRUD operations


	);


}

As I said, it seems to be working.  But I'm pretty new at this, so there may be better alternatives that I'm not seeing.  Thanks for any feedback.

2

I think I would configure the user component to 'autoload' in the config, and then extend CWebUser::init() or something

because sometimes a user makes a request but filters are not run (if a view is not run)

3

Quote

I think I would configure the user component to 'autoload' in the config, and then extend CWebUser::init() or something

because sometimes a user makes a request but filters are not run (if a view is not run)

Thanks for the tip… works great!  And simpler than my solution too.  (BTW - I stumbled onto your skeleton app while trying to figure out how to extend CWebUser.  Great resource, thanks for making it available.)