0

I need to have my web app destroy/unset the Zend_Auth session when a user leaves the site: for example when a user navigates away from myapp.com to say google.com, when they come back the session is no longer set?

Preferable to allow refresh without unsetting (but not essential as the first part must apply).

Anyone had experience with doing this before?

Peter O.
  • 32,158
  • 14
  • 82
  • 96
Kal
  • 2,239
  • 6
  • 36
  • 74
  • 1
    possible duplicate of [Best way to detect when user leaves a web page](http://stackoverflow.com/questions/147636/best-way-to-detect-when-user-leaves-a-web-page) – Marc B Oct 02 '12 at 15:19
  • Maybe with dispatchLoopShutdown()? – Kal Oct 02 '12 at 15:57

1 Answers1

0

Make an ajax call before unloading the page, that clears the identity of the Zend Auth 

<script language="JavaScript">
        window.onbeforeunload = function(){
        $.get('http://example.com/auth/clear');
    }
</script>

ServerSide:

public function clearAction(){
    Zend_Auth::getInstance()->clearIdentity();
}
Omar
  • 8,374
  • 8
  • 39
  • 50
  • Is there a way to ignore a refresh though or is that no possible? – Kal Oct 03 '12 at 08:28
  • With this method also it is a tad tricky to add a confirmation box with a yes to call the ajax and a no to return to the page. – Kal Oct 03 '12 at 08:51
  • you can do: window.onbeforeunload = function(){ if(confirm('are you sure?')){ $.get('http://example.com/auth/clear'); }else{ return false; } }; How does it refreshes ? – Omar Oct 03 '12 at 10:04