Session timeout redirection

Bigbug

Let's say I am in the ticket page in itflow, and the session has timed out so I need to log in again, it's not going to take me back to the ticket page, it's going to take me back to the default page like dashboard. also when a client gets an email with a link to their ticket, etc. and they click on the link if they are not logged in to the client portal they'll be redirected to the login page and when they put in the credentials they go to the default page and not to the page specified in the link that they got in email.

🙏

wrongecho

https://forum.itflow.org/d/310-time-outs-while-editing-a-document/12

Bigbug

My problem is not that any unsaved data is getting lost, my problem is that I have to renavigate to that page to continue.

for example: if I'm not signed in to my instance and i click on a link "https://itflow.myinstance.com/invoice.php?invoice_id=10" I'm getting redirected to the "/login.php" page, but then after signing in I'm not getting directed back to the path specified in the URL "/invoice.php?invoice_id=10" instead I'm getting the default "/dashboard_financial.php"

🙏

johnny

hmmm thats pretty much how login.php is supposed to work once logged in it checks the configstart page var then forwards the user there in your case its dashboard financial.php. I know what you mean but Im not sure what the best route to take to fix this. We are open to ideas from a developer perspective

Bigbug

I'm not a coder at all but have understanding in it…

Here is what my friend ChatGPT🤖 told me

If you want a more generic approach to handle redirection to any specified page after login, you can modify the code accordingly. Here's an example:

1. Modify the link to include the target page as a query parameter:

https://itflow.myinstance.com/login.php?target_page=invoice.php

2. In your login.php script, capture the `target_page` from the query parameters.

3. After successful login, check if the `target_page` is set in the session or query parameters. If it's set, redirect the user to that page.

Here's an updated code snippet:

php

php

// login.php
session_start();
// Check if the user is logged in (your login logic goes here)
if (/* User is logged in */) {
if (isset($_SESSION['target_page'])) {
$target_page = $_SESSION['target_page'];
unset($_SESSION['target_page']); // Remove it from the session
header("Location: /$target_page");
} else if (isset($_GET['target_page'])) {
header("Location: /{$_GET['target_page']}");
} else {
// Redirect to the default page if no target_page is present
header("Location: /dashboard_financial.php");
}
exit;
}
// Your login form and authentication code go here

With this approach, you can specify the target page in the URL, and the user will be redirected to that page after logging in.

johnny

interesting I think i might be able to use that. Please thank your friends Mister GPT for the wonderful answer

Bigbug

Hi johnny,

Any update about this?

johnny

no update we still don't know what might be causing it for some people and some people are not affected including us devs. Id be curious to know if someone comes up with the answer or at least can narrow down what might be causing it.

athornfam2

Anyway to adjust the timeout period of the latest version of ITFlow?

wrongecho

athornfam2

Merged into the existing post about this. It's not an intended behaviour by ITFlow but appears to be something to do with the sever config we need to workaround.

@psiiota

The issue is probably PHP Garbage Collection. I was planning to explore this when I had some free time. I think if we added a background ajax request every 10 mins in the header files we'd work around this.

https://stackoverflow.com/questions/5962671/prevent-session-expired-in-php-session-for-inactive-user

davesmith87

I 2nd this. Very much. I have to 2FA 8-10 times a day.

psiiota

@johnny @wrongecho point me in the right direction and I can fix. This is a big pain point for us aswell.

wrongecho

Hey all,

I've raised a pull request for this. Once merged, could you please update and we'll see if this helps.

itflow-org/itflow781

athornfam2

@wrongecho Seems to be better on my end. Appreciated.