search

SankethBK / local_session_timeout

Redirect user to authentication page if the application doesn't receive any user interaction, or been running in the background for "x" duration.
https://pub.dev/packages/local_session_timeout
BSD 3-Clause "New" or "Revised" License
12 stars 19 forks source link

Timeout event is not firing when duration set to 8 hours and app is in background #25

Open rajath-1990 opened 1 year ago

rajath-1990 commented 1 year ago

Hi,

Thank u for the useful library.

I am facing an issue. I have used the below code

final sessionConfig = SessionConfig(
    invalidateSessionForAppLostFocus: const Duration(hours: 8),
    invalidateSessionForUserInactivity: const Duration(hours: 8));

I kept the app in the background for more than 8 hours and when I opened the app again, the timeout event was not firing. (it is supposed to redirect to the login screen after 8. hours) .

SankethBK commented 1 year ago

Hi @rajath-1990, can you check if it is working for smaller durations

rajath-1990 commented 1 year ago

yes. working for smaller duration

SankethBK commented 1 year ago

@rajath-1990 in emulator or real device?

rajath-1990 commented 1 year ago

both

SankethBK commented 1 year ago

I'll check and confirm

rajath-1990 commented 1 year ago

I tested the app by setting the timeout to 1 hour. It's working. but if I set it to 8 hours, it's not working

SankethBK commented 1 year ago

what is the usecase for keeping the timeout that long?

rajath-1990 commented 1 year ago

This is client requirement and to enforce security. If user is inactive for 8 hours, then user has to logout automatically and redirect to login screen

On Tuesday, 10 October 2023, Sanketh B K @.***> wrote:

what is the usecase for keeping the timeout that long?

— Reply to this email directly, view it on GitHub https://github.com/SankethBK/local_session_timeout/issues/25#issuecomment-1755498421, or unsubscribe https://github.com/notifications/unsubscribe-auth/BDFD2WTOM4VMXF3O5UZP37LX6VI25AVCNFSM6AAAAAA5ZXBUNKVHI2DSMVQWIX3LMV43OSLTON2WKQ3PNVWWK3TUHMYTONJVGQ4TQNBSGE . You are receiving this because you were mentioned.Message ID: @.***>

SankethBK commented 1 year ago

it's possible that the operating system or device power-saving features could affect the behavior of your app's timers and lead to issues with session management over an extended period like 8 hours.

SankethBK commented 5 months ago

Hi, i've fixed this issue in latest release 3.0.0. I have removed the timer completely which has risk of getting terminated from OS, instead storing the timestamp when app is pushed to the background and calculating the time difference when app regains focus.