Home/ Questions/Q 8615191
In Process

The Archive Base Latest Questions

Editorial Team
  • 0
Asked: 2026-06-12T05:18:51+00:00

Many sites ( Bank webSite for example) – implement log-out + 1 minute warning

  • 0

Many sites ( Bank webSite for example) – implement log-out + 1 minute warning before session is about to expire.( 20 minutes)

(this topic is not discussed much – the only question ive seen is with using asp.net membership – which I don’t use)

each user will have a session["lastActionTime"]

this session will be update to current Time when :

  • Page is loaded
  • Ajax request has executed ( due to user action)

Now – when a page loads , I set the session value. (lets say 19:00)

Also , for every ajax request (my site doesnt create postbacks – only ajax jquery) – I use an ASHX handler with IRequiresSessionState which updates the session to current Time.

I use something like this : 

jQuery(document).ajaxStart(function(){
    gotoHandlerAndUpdateSessionTime();
})

Now -the part for 1 minute before warning message ( ” your session is about to expire “) :

Every ajax return event or page load event – I activate in javascript : setInterval with [sessionTime-1] minutes ( 20-1=19). ( and of course – cancelling all prev setIntervals… )

now when the event (setInterval) occurs – it is 1 minute before expiration time : (19 min)

I display a warning div , and the user can choose exit or stay .

question :

1) what if the user didnt press nothing on the warning div , How (after 1 minute from displaying the div) will I log him out ? Should I open a setTimeout of 1 minute when displaying the div and then (if nothing pressed) to log him out ?

2) is it the right way of doing it ?

3) Shouldn’t there be cookies in this whole weird story ? 🙂

(please – no membership – or Forms authentication).
I’m tagging this question also as PHP since I know it is relevant to php programmers as well and I would like to hear from their knowledge.

Share

Leave an answer

You must login to add an answer.

Need An Account,

1 Answer

  1. Editorial Team

    Royi, to answer both of your questions, I would say YES. I’ve built these several times (usually with Forms Auth), but basically you have a timer that counts down to show the first warning, and then another timer that counts down and gives the user X seconds to answer. I usually put the X second count down on the warning message so they can see how much time they have left. If they don’t answer in the allotted time, a call gets made to Logout.ashx (or whatever) that destroys the session and then the javascript can redirect them back to the login page. I hope that helps.

    Regarding your third question, as long as you’re tracking the session you shouldn’t really need cookies. Just do a session_destroy() in PHP or Session.Abandon() in C# when the javascript timer counts down.

    Here’s some code I’m using on one of my sites (might not be the cleanest, but you get the idea):

    var timeoutPolled = 0;
var timeoutSeconds = 10;
var countDownCounter = 61;
var timeoutBetweenPolls = 5000;
var stopCountDown = false;

function InitializePollTimer(timeoutMinutes) {
    timeoutSeconds = timeoutMinutes * 60;

    StartPollTimer();
}

function StartPollTimer() {
    setTimeout(PollForTimeout, timeoutBetweenPolls);
}

function PollForTimeout() {
    timeoutPolled++;

    if ((timeoutPolled * timeoutBetweenPolls) > 1 * (timeoutSeconds * 1000)) {
        $("#timeoutDialog").dialog({
            autoOpen: false,
            bgiframe: true,
            resizable: false,
            height: 250,
            draggable: false,
            modal: true,
            zindex: 99999999,
            position: 'top',   
            open: function(event, ui) { $(".ui-dialog-titlebar-close").hide(); },       
            buttons: {
                "Continue using Website?": function() {
                    StopCountDown();

                    $.ajax({
                        type: "GET",
                        url: "RefreshSession.aspx",
                        cache: false
                    });

                    $(this).dialog("close");

                    timeoutPolled = 0;
                    StartPollTimer();
                },
                "Logout": function() {
                    Logout();
                }
            }
        });

        $("#timeoutDialog").dialog("open");

        countDownCounter = 61;

        CountDown();
    }
    else {
        StartPollTimer();
    }
}

function CountDown() {
    if (stopCountDown) {
        stopCountDown = false;
    }
    else {
        countDownCounter--;
        $("#countdownTimer").html(countDownCounter);

        if (countDownCounter > 0) {
            setTimeout(CountDown, 950);
        }
        else {
            Logout();
        }
    }
}

function StopCountDown() {
    stopCountDown = true;
}

function Logout() {
    window.location.href = 'Logout.aspx';
}
    • 0