CODEWITHSUNDEEP
pythonsessionflask
King Anu
King Anu

Reputation: 125

how to add session timeout but keep session alive with user activity in flask?

trying to tweak my user login system a bit. using default flask session. i have a login required area (all pages under /dashboard/ - but user can be logged in sitewide as well). i want to be able to end a users session after say 30 minutes, and upon session ending, flash a message "youve been logged out for inactivity". but if user clicks around before that period ends, keep session alive until 30 mins has passed. im getting some weird behavior with this, ie it kicks me instantly if i click around. something is definitely wrong. I followed two questions from here - trying to combine the two features:

Is there an easy way to make sessions timeout in flask?

@app.before_request
def make_session_permanent():
    session.modified = True        
    session.permanent = True
    app.permanent_session_lifetime = timedelta(minutes=2)
    #flash("You have been logged out for inactivity.")

EDIT: login behavior is normal, but time limit still does not work, session remains forever. doubt the user activity keeps session alive either. heres the entire code for my login register system, blueprint, dashboard etc. i dont see whats wrong. my sessions still last to infinity no matter what i try. https://dpaste.de/vonL

Upvotes: 0

Views: 5548

Answers (1)

bingtel
bingtel

Reputation: 46

"it kicks me instantly if i click around". If you click around, your session expire time will be set to 30 mins because:

@app.before_request
def make_session_permanent():

@app.before_request is application-widely.

You can use a Blueprint which prefix_url is '/dashboard' and use

@blueprint.before_request

instead. Then only requests under this blueprint can update the expire time.

Upvotes: 1

Related Questions