Patch #15234
open
A popup message after session timeout
0%
Description
When the session timeout is set and a user leaves an unsaved form for a while so their session expires and clicks on the Save button, they is redirected to the login page and all unsaved data from the form just being edited are lost.
The same frustrating situation can happend when you write a long wiki page.
The flash message on the login page does't help to recover lost data.
I thing that the user should be warn before data are lost.
Please take into account the attached simple patch that add a Javascript popup message with the warning text about session expiration.
Files
Related issues
Updated by Etienne Massip over 11 years ago
I guess that the patch won't work if redmine is installed with a sub-URI.
Also, won't the heartbeat request reactivate the session?
Updated by Karel Pičman over 11 years ago
I guess that the patch won't work if redmine is installed with a sub-URI.
I've removed the slash in route.rb:
-get '/session_heartbeat', :to => 'application#session_heartbeat'
+get 'session_heartbeat', :to => 'application#session_heartbeat'
Also, won't the heartbeat request reactivate the session?
I don't think so. I skip the reactivation in session_expiration method:
def session_expiration
+ # Skip session heartbeat
+ return if ((params[:controller] == 'application') && (params[:action] = 'session_heartbeat'))
Updated by Toshi MARUYAMA over 11 years ago
- Related to Feature #10569: Save user data on invalid form authenticity token added
Updated by
Updated by Miguel Jacq over 1 year ago
I'm interested in this solution, but I'm not sure it is working anymore.
I'm on Redmine 4.2.10.
When I go to /session_heartbeat it always says session expired: true, even though my session is definitely still valid. I assume the 'remain' check is somehow evaluating true for '<= 0' but haven't debugged further.
@ Karel Pičman, do you have any idea on how to make sure it works with a more recent Redmine? I appreciate it's been 10 years :o and I'm sorry the devs didn't use or evolve your patch at the time!
Updated by Miguel Jacq over 1 year ago
Actually, it does seem to be working in the UI when the session expires! I just don't understand why it always reports 'expired: true' when I visit the heartbeat page directly, but in any case, the actual 'real-life use case' seems to work as expected. Great.