Home/ Questions/Q 6960193
In Process

The Archive Base Latest Questions

Editorial Team
  • 0
Asked: 2026-05-27T15:22:14+00:00

I usually restrict user access by redirecting users if they don’t have a valid

  • 0

I usually restrict user access by redirecting users if they don’t have a valid session.

For example:

<?php
  session_start();
  if (!isset($_SESSION["userInfo"])) {
    header("Location: index.php");
  }
?>

but I’m starting a new project using ajax for all my page loads.

How should I force a page refresh of my webapp if the session is no longer valid?

ShouldIi precede all my ajax request with a dedication authentication request, and if that fails refresh the page via javascript?

Or, should I just include authentication data in each of my json responses and then authenticate before any further handling of the ajax requests?

Is there a better way to do this?

Share

Leave an answer

You must login to add an answer.

Need An Account,

1 Answer

  1. Editorial Team

    Ideally, you engineer your client-side code well enough so you have a way to handle various errors from the server-side.

    When your client-side code makes an ajax call, it should look at the status of the response. If the user has no session, the server should reply with 401 (Unauthorized) response, which means “that’s a valid URL, but you need to be authenticated”.

    Whenever your client-side code gets a 401, it should do whatever is necessary to get the user logged in. This could be redirecting them to a login screen, or doing some kind of modal authentication DHTML-popup.

    • 0