Post session message

README.rst

@@ -22,9 +22,9 @@ Or "Why does this app even exist" ? Here are the reasons:
   have to login again.
 - if the user session expires before the user is done filling a form: his work
   will be lost, and he will have to login again, and probably yell at you, dear
-  django dev ... at least I know I would !
+  django dev ... at least I know I would!
 
-This app allows to short circuit those limitations in session expiry.
+This app allows us to short circuit those limitations in session expiry.
 
 How does it work ?
 ------------------
@@ -41,14 +41,14 @@ since when the last user activity was recorded to PingView, next time it should
 ping.
 
 First, a warning should be shown after ``settings.SESSION_SECURITY_WARN_AFTER``
-seconds. The warning displays a text like "Your session is about to expire,
-move the mouse to extend it".
+seconds. The warning displays text such as "Your session is about to expire,
+move the mouse to extend it."
 
 Before displaying this warning, SessionSecurity will upload the time since the
 last client-side activity was recorded. The middleware will take it if it is
 shorter than what it already has - ie. another more recent activity was
 detected in another browser tab. The PingView will respond with the number of
-seconds since the last activity - all browser tab included.
+seconds since the last activity - all browser tabs included.
 
 If there was no other, more recent, activity recorded by the server: it will
 show the warning. Otherwise it will update the last activity in javascript from
@@ -58,6 +58,10 @@ Same goes to expire after ``settings.SESSION_SECURITY_EXPIRE_AFTER`` seconds.
 Javascript will first make an ajax request to PingView to ensure that another
 more recent activity was not detected anywhere else - in any other browser tab.
 
+Lastly after the time has expired the page can be redirected to a specific URL,
+reloaded current URL an banner such as "Your Session has timed out" or otherwise
+just reload the current URL.
+
 Requirements
 ------------
 

session_security/static/session_security/script.js

@@ -14,7 +14,8 @@ if (window.yourlabs == undefined) window.yourlabs = {};
 //   leave a page with unsaved form data. Setting this will enable an
 //   onbeforeunload handler that doesn't block expire().
 // - events: a list of event types to watch for activity updates.
-// - returnToUrl: a url to redirect users to expired sessions to. If this is not defined we just reload the page
+// - returnToUrl: a url to redirect users to expired sessions to. If this is not defined we can display a message or just reload the page
+// - loggedOffMessage: boolean if a message to display after expired sessions. If this is not defined we just reload the page
 yourlabs.SessionSecurity = function(options) {
     // **HTML element** that should show to warn the user that his session will
     // expire.
@@ -54,11 +55,13 @@ yourlabs.SessionSecurity.prototype = {
     expire: function() {
         this.expired = true;
         if (this.returnToUrl !== undefined) {
-            window.location.href = this.returnToUrl;
-        }
-        else {
-            window.location.reload();
-        }
+           window.location.href = this.returnToUrl;
+        } else if (this.loggedOffMessage !== undefined){
+           var url = window.location.href;
+           if (url.indexOf('?') > -1) url += '&loggedOff';
+           else url += '?loggedOff'
+           window.location.href = url;
+        } else window.location.reload();
     },
 
     // Called when there has been no activity for more than warnAfter

session_security/static/session_security/style.css

@@ -24,3 +24,11 @@
     overflow: auto;
     text-align: center;
 }
+
+.session_security_div {
+   background-color: #ff8c00;
+   color: #000;
+   font-weight: bold;
+   text-align: center;
+   display: none;
+}

session_security/templates/session_security/all.html

@@ -30,7 +30,10 @@
                 warnAfter: {{ request|warn_after|unlocalize }},
                 expireAfter: {{ request|expire_after|unlocalize }},
                 confirmFormDiscard: "{% trans 'You have unsaved changes in a form of this page.' %}"
+                loggedOffMessage: 'True',
             });
         </script>
     {% endlocalize %}    
 {% endif %}
+<div class='session_security_div' id="loggedOff"><span>You have been logged off</span></div>
+<script type="text/javascript">if(window.location.href.search( 'loggedOff' ) > 0) document.getElementById('loggedOff').style.display = "block";</script>