Jump to content

Need help with expired session redirect...


Slav
 Share

Recommended Posts

Hey Guys! Im new to PW and am working on a website built on PW. Im trying to understand how sessions work in PW. Specifically what exactly is happening when session expires. The thing is that my client wants to be redirected to homepage whenever session expires, so basically he doesnt want to be redirected to admin login page when he's in the admin environment of PW(he doesnt want his clients to see the admin login page for whatever reason). Is it possible to hook to the session expiration and redirect to a specific url? And what is the correct way to do it in PW?

I would appreciate the help!

Cheers!

Link to comment
Share on other sites

@Slav Welcome to the forum. Take this as a first approach

 

$homeUrl = $pages->get(1)->url;
// Prevent redirect to admin login. Redirect to homepage instead
if (!$user->isLoggedin() && isset($input->get->login)) $session->redirect($homeUrl);
if ($user->isLoggedin() && isset($input->get->login)) $session->redirect($customLoginUrl);

// set custom login/ logout urls
$login = $modules->get('ProcessLogin');
$login->setLoginURL($customLoginUrl);
$login->setLogoutURL($homeUrl);

 

  • Like 1
Link to comment
Share on other sites

Thank you guys for the replies!

@kixe

Okey this looks interesting. Where exactly should I use this snipet? And can you explain the logic little bit.. why is $customLoginUrl important there?

@szabesz

I checked the posts that you provided. I am already using this (in site/ready.php file):

wire()->addHookBefore("ProcessLogin::executeLogout", null, "setRedirect");
function setRedirect(HookEvent $event) {
   $event->object->setLogoutURL(wire('pages')->get('/')->httpUrl);
}

And it works great, but it only works when you perform Logout procedure (I needed that aswell though) not when the session expires.

In the other post they talk more about redirecting particular user to home page when he is performing login but its again not exactly what I am looking for. There is some interesting info about templates-admin "default.php" file... how does it work? Do I have to use default.php file? Whats the reason? Can anyone explain to a beginner?

 

Cheers!

Link to comment
Share on other sites

On 28.4.2017 at 9:02 AM, szabesz said:

Maybe @kixe is talkign about somthing like this (but let's ask him to clarify...):

The code I have posted is taken from a frontend login template. The frontend has a complete suite of register, login and logout templates. I use core processes in the frontend. To prevent redirects to the backend in case of successfull login/ logout or an expired session I set login and logout URLs before I execute the Process. The customers are PW users with very limited permissions.

I gave the admin area a very strange name (default: processwire) like '6gt0klw5a14' to hide it from guests or frontend users.
You can additionally protect the login with a custom cookie or IP filter in your .htaccess file.


Calling any target in the admin area without a valid session will cause render of the Login page instead. Its not recommended to change this.

  • Like 2
Link to comment
Share on other sites

@Slav, another option is to set a redirect URL in the "Access" tab of the template that has restricted access. So if I user attempts to access a page with that template when they are not logged in (for any reason - either they logged out or their session expired) they are redirected to a page of your choosing.

2017-05-01_112745.png.b291e057204d987e39dd2f4df75357b7.png

  • Like 4
Link to comment
Share on other sites

  • 2 weeks later...
On 1.5.2017 at 2:29 AM, Robin S said:

@Slav, another option is to set a redirect URL

Yeah... I would need to redirect out of the admin template... :/ 

 

On 30.4.2017 at 9:14 PM, kixe said:

The code I have posted is taken from a frontend login template.

I dont think that this is what I need... All I need is not to show the admin login page to the users (ever) if they dont use the direct link to the admin login page. So basically in frontend when users login, they can direct themselves to the admin environment page edit and when they logout from admin environment it will redirect them to frontend. So basically the admin login page is not needed (at least not needed to show to users). But the problem right now is that if user is in admin environment and is editing their page and if the session expires it redirects automatically to admin login page, but what I would need is when the session expires (in admin environment) then redirect to frontend. Usually it is possible to intercept or hook session expiration and do stuff according to that but I don't know how to do that in Processwire...

to sum it all up I need: When session expires redirect to frontend... I have an idea that I am going to try, so I will let you know if it works...

Link to comment
Share on other sites

On 30.4.2017 at 9:14 PM, kixe said:

Calling any target in the admin area without a valid session will cause render of the Login page instead. Its not recommended to change this.

@kixe Where is it rendered (what file)? I want to explore that part! Thanks!

Link to comment
Share on other sites

Ok so I managed to get the result that I was searching for! This is what I did:

In site/ready.php file I added this snippet:

wire()->addHookBefore('Page::loaded', function(HookEvent $event) {
    // Get the object the event occurred on, if needed
    $page = $event->object;
    if($page->template->name == "admin" && wire('user')->id === wire('config')->guestUserPageID){
        wire('session')->redirect(wire('pages')->get('/')->httpUrl);
    }
});

I'm not sure if it is the best way to do that, but I was unable to find a way through sessions so desided to try another approach! For me it does exactly what I needed because the website I'm working on has frontend login where you can navigate to page edit according to your permissions, so the admin login page is not necessary. Well at least that's what client wanted!

Anyway thanks guys for help!

  • Like 1
Link to comment
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now
 Share

×
×
  • Create New...