Heartbeat to check if a user is authenticated?
https://stackoverflow.com/questions/5123041
-
29-12-2020 - |
italiano
english
français
española
中国
日本の
العربية
Deutsch
한국어
Português
RussianQuestion
Googling for heartbeat authentication gives so much info that inst related that makes it hard to find good sources.
In short terms what a heart beat authentication is ?
In what cases could would it be more applied to be used ?
I am sorry that this seems like a ultra general question if you could perhaps direct me to some better information about it I could make my question more specific to what I am aiming for, but for that I need to know more about heartbeat.
Solution
Depending on how the site works, the heartbeat functionality could be as simple as performing an Ajax GET on the site, then testing the HTTP status of the response. For example, a 200 may mean that the browser was authenticated, and a 401 could mean that the user's authorization has expired. Or perhaps the site redirects the request to a login page, in which case you could check for a 302.
Here's how you could do it via jQuery, for example:
setInterval(
function() {
jQuery.ajax(
'/protected-resource',
{
error: function(jqXHR, textStatus, errorThrown) {
if (jqXHR.status != 200) {
doUnauthorizedResponse();
}
}
}
);
},
60000);
