How to end the session when browser closes

Question

In my application I am saving the logout time of the user. This is working fine when the user clicks the login button, but my requirement is to store the logout time even if the user closes the browser. If this is not possible please tell me the way how to destroy the session as soon as user closes the window.

Any help would be appreciated.

Thanks Mat for editing the question it looks nice – Gouse Apr 14 '12 at 11:25 — Gouse, Apr 14 '12 at 11:25

score 2 · Answer 1 · answered Apr 16 '12 at 12:51

It used to be you had to do synchronous Ajax in the event handler. Don't know if that's still true in modern browsers. If you go asynchronous, be sure to test with realistic client load so that you don't run into a race condition that only shows up among your users.

I would suggest some kind of heart beat Ajax call from the client, say every five minutes. If you miss two such calls in a row you kill the session server-side. That will take care of all situations where the user doesn't log out (browser crash, OS crash, network failure etc).

Potential problems with acting on unload events:

What happens if the user has your app/site open i several tabs and closes one of them? You need to inform the user that there will be a cross-tab logout.
Browsers have a history of restrictions on what you can do on unload to prevent ever-popups and infinite loops that prevent the user from closing the browser. You never know what will come in the future. History here: http://www.hunlock.com/blogs/Mastering_The_Back_Button_With_Javascript and via the StackOverflow link in the reply above.

score 1 · Answer 2 · edited May 23 '17 at 12:04

1

As per this answer, you should be able to handle the beforeunload event and then do an AJAX logout.

Untested, but it should work like this:

Ext.EventManager.on(window, 'beforeunload', function() {
  Ext.Ajax.request({
    url: 'logout.json',
    timeout: 60000
  });
});

edited May 23 '17 at 12:04

Community

1
1

answered Apr 14 '12 at 10:01

hangy

10,765
6
43
63

thanks for reply can this code work for all browsers like chrome and mozilla – Gouse Apr 14 '12 at 10:55

Christiaan Westerbeek · Answer 3 · 2014-09-23T06:18:21.467

This answers the last part of the question. Auto close the session with closing the browser. According to Wikipedia: When an expiry date or validity interval is not set at cookie creation time, a session cookie is created. Web browsers normally delete session cookies when the user closes the browser.

The task at hand is to create a cookie without an expiry date using Ext-state-CookieProvider. Leaving out the expires configuration at all, will cause ExtJS to default it to 7 days. Check the source for this. Therefore you need to create the cookie with an explicit expires of null, like so:

var cp = Ext.create('Ext.state.CookieProvider', {
    expires: null
});

All cookie values will be deleted when the browser closes.

How to end the session when browser closes

3 Answers3

Linked