Navigator Plugin development - Session expiration
https://stackoverflow.com//questions/25066796
-
23-12-2019 - |
italiano
english
français
española
中国
日本の
العربية
Deutsch
한국어
Português
RussianQuestion
I'm working on a plugin for ICN and I've managed to have it log in automatically retrieving the username/password from a file by an id which is passed as a parameter in the url. Once a user has logged in there will be no need to relog, however after some time the 'session expiration' will kick in and even after reloading I can't get it to log in again. This might be due to the fact that I'm basing my decision on a single javascript object: ecm.model.desktop.connected.
Right now if ecm.model.desktop.connected is false it will try to log in, this works well until the session expiration, which apparently does not set the ecm.model.desktop.connected to false, it's still set to true. So I'm hoping to learn a way to tell if the session has expired.
This here is my login code:
if (ecm.model.desktop.connected == false || ecm.model.desktop.userId != loginConfig[loginID].username) {
var http2 = new XMLHttpRequest();
var url2 = "/navigator/logon.do";
var params2 = "userid=" + loginConfig[loginID].username + "&password=" + loginConfig[loginID].password;
http2.open("POST", url2, false);
http2.setRequestHeader("Content-type", "application/x-www-form-urlencoded");
http2.onreadystatechange = function() {//Call a function when the state changes.
if (http2.readyState == 4 && http2.status == 200) {
}
};
http2.send(params2);
window.location.reload();
}
Solution
I managed a workaround avoiding session expiration entirely using a cookie set to expire in 'x' minutes making a sort of session of my own. First I check if the cookie is created, if it's not it means it either expired or was never created in the first place, so I create it and make a synchronous POST call to logoff.do and reload() the site.
Once created and after reloading I check if the cookie exists once again, since it does I check if ecm.model.desktop.connected is false or the user is trying to log in with a different ID. If that occurs I'll have it log in making a synchronous POST call to logon.do with the proper username/password and then reload().
All done the user has now access to the features offered by my plugin.
