Welcome to Software Development on Codidact!
Will you help us build our independent community of developers helping developers? We're small and trying to grow. We welcome questions about all aspects of software development, from design to code to QA and more. Got questions? Got answers? Got code you'd like someone to review? Please join us.
Post History
It's worth noting that logging out a user goes way beyond not fetching a token, because your UI needs to inform the user he is about to be (or has been) logged out. And if your UI closes or locks i...
Answer
#1: Initial revision
by
meriton
·
2022-02-10T04:11:38Z (about 2 years ago)
It's worth noting that logging out a user goes way beyond not fetching a token, because your UI needs to inform the user he is about to be (or has been) logged out. And if your UI closes or locks itself, it probably doesn't matter if it has a current token. So I'd handle this fully in the UI; for instance by detecting keypresses and mouse clicks, and upon not observing any for X minutes, I'd show a splash screen warning that a logout is imminent, and if still no action occurs, I'd lock the UI. To refresh the token, I'd have some angular service fetch a new token in regular intervals, but only if the UI is not locked. That said, as a user I really hate it if apps do that. I am perfectly capable of locking my workstation before walking away, and if I switch to another app for some reason (task switching is a thing, and some tasks require interacting with more than one app), and then return to your app, I'd hate to find myself logged out and having to start over.