Instant? logout user after deleted session
Hello, I'm kinda new here and I'm curious.. is there any easy and BETTER way how to check if session was deleted?
I'll give an example what I want to do:
I connected 2 browsers into 1 account I deleted session one of them I want to check deleted session and (instant?) log out user I did checking if session exist every minute (authContext) - it's working and logout user without session, but I'm not sure if it's the best way to make it, every 60s pinging API for response.
useEffect(() => {
const cookieFallback = localStorage.getItem('cookieFallback')
if (
cookieFallback === '[]' ||
cookieFallback === null ||
cookieFallback === undefined
) {
navigate('/sign-in')
}
checkAuthUser()
if (isAuthenticated) {
const interval = setInterval(() => {
getCurrentSession().then(() => {
setUser(INITIAL_USER)
setIsAuthenticated(false)
navigate('/sign-in')
console.log('error')
})
}, 60000)
return () => clearInterval(interval)
}
}, [isAuthenticated])
If you don’t do any of this, the next time you try to make a request, it’ll fail. You could just have on request failing with no user, do the logout
errors show when I do some action like reload home components, but I would like to logout without user interaction
This is after a reload?
forced f5
So when does this show?
right after delete session and when I change from home page to profile, explore ect any other route that collect userdata
So you could have on that first account.get() (which I expect you have everywhere anyway already?), catch to the logout function
hmm I'll see
If you really do want that “no interaction”, so the user is just looking at the page and without touching anything it redirects to the login, I guess you could open a Realtime socket to some random empty Collection, and then if the socket gets cut off, check the token (I’m not really sure how a Realtime socket behaves when the session is killed).
I tried realtime on session.delete but it gives me console log only for still log in sessions ;_;
Do you mean you tried to subscribe to session.delete? What was the Event you used?
You should be able to subscribe to users.[LOGGED_IN_USER_ID].sessions.[CURRENT_SESSION_ID].delete
client.subscribe('account', (response) => {
if (response.events.includes('users.*.sessions.*.delete')) {
// const payload = response.payload as SessionPayload
// const deletedSessionId = payload.$id
// // promise.then(
// // function (response) {
// // console.log(response.total) // Success
// // },
// // function (error) {
// // console.log(error) // Failure
// // },
// // )
// // console.log('test')
// // getAllSessions().then((sessions) => {
// // if (sessions) {
// // window.dispatchEvent(new CustomEvent('authSessionDeleted'))
// // }
// // })
// getCurrentSessionId()
// .then((sessionId) => {
// if (deletedSessionId === sessionId) {
// account.deleteSession(deletedSessionId)
// window.dispatchEvent(new CustomEvent('authSessionDeleted'))
// }
// })
// .catch((error) => {
// Navigate({ to: '/sign-up' })
// })
}
if (response.events.includes('users.*.sessions.*.create')) {
console.log('someone logged into your account')
console.log(response)
}
})
account isn’t a valid Event. Here’s a list of available Events - https://appwrite.io/docs/advanced/platform/events
oh okay, well I think I'll try later, I need a break from this, rn I'll let know about any change
@Hasira 🥃🪴 , you can use interceptors. On the next request, if the session is not available, you can redirect the user to the login page.
They specifically wanted it to log out without user interaction
anyway
Ah, I see there are two different things - Channels and Events. It's not very clear there.
Well yes, once your session has ended, you won't receive any realtime events. I was suggesting above you run the logout when you detect the Realtime connection close (assuming Appwrite closes the connection when the session is deleted).
