Expire session automatically and detect if the session has expired in Codeigniter

Question

I've seen plenty of questions here about my topic but it seems I still haven't found my answer. What I'm actually looking for is when the session expires the user will be automatically redirected to a page saying Your session has already expired. Please register to continue browsing..

Actually I have no idea on how I could determine if the user's session has already expired. Here's what I have so far.

Thanks.

function trial() {

    $this->db->select()->from('user')->where('user_type', 'tester');
    $tester = $this->db->get();

    foreach ($tester->result() as $row) {

        $data = array(
            'id' => $row->id,
            'first_name' => $row->first_name,
            'last_name' => $row->last_name,
            'display_name' => $row->display_name,
            'email' => $row->email,
            'avatar' => $row->avatar,
            'user_type' => $row->user_type,
            'logged_in' => TRUE
        );
        $this->session->set_userdata($data);
    }

    redirect(base_url(), 'refresh');
} 

Answer 1

you can store data in session object and user redirect any page , you can check session object already exist if not exist you can show alert, session is expired

Answer 2

You can check user's session by making the ajax call and wrap it into the setInterval jquery's function like

setInterval(function() {
  // Do something every 1 minute 
$.ajax({
type : 'POST',
url  : '<?php echo site_url("CONTROLLERNAME/check_session")?>'
success : function(data){
if(data){
   //your session is not expired
}else{
   //your session is already expired
 window.location.href="your url"; // or you can redirect from here also
} 
});
}, 60000);


 //This function checks your session 
 function check_session(){
    $id = $this->session->userdata('id');
   if($id ){
         echo 1;
   }else{
         echo 0;
   redirect('your register controller');//redirect from here or you can redirect in the ajax response
   }

  die();
 }

Hope it makes sense

Answer 3

Although not 100% reliable, you could set a cookie on the users machine. I would recommend setting the expiry about an hour in advance.

With every page that you wanted to know if the session had expired, you could check to see if both the cookie and the session existed. If it does...continue. If only the cookie remains, then you know that the session has expired and you need to redirect them to the page that you referred to in your question. If neither are present, then there is a problem and the user needs to restart everything.

Of course, for every page that a session is instantiated, the session expiry will restart, so you will need to reset the cookie. It could be a bit tedious, but it is what I would recommend.

Answer 4

When you are starting the session, store the current time in a session variable. You can use a session_expire_checker function which will check current time and stored time to determine whether the session has expired. You should call the function from the constructor so that every function call will use this function automatically. In that function if session is expired, you redirect to another controller.

You have to use separate controller for the redirected URL, otherwise there would be infinite redirect.

Answer 5

Codeigniter does not "fire an event" when the session expires. So either you write some code in each controller function to check if the user is still logged in. Or you use some small js in the footer (which I personally prefere):

<script>
    var mins = 15 * 60;
    var active = setTimeout("logout()",(mins*1000));
    function logout()
    {
        location='/account/timeout'; // <-- put your controller function here to destroy the session object and redirect the user to the login page.
    }
</script>