如何在没有点击注销按钮的情况下识别用户未注销?
[英]How to identify that the user is not logged off without having clicked the logout button?
问题描述
How to identify that the user is not logged off without clicking the logout button using jQuery or javascript.
如何使用 jQuery 或 javascript 来识别用户未单击注销按钮而未注销。
Here I need the logout button to appear when the user is not logged off when pressing the back button in the browser to go back to the previous page.这里我需要在浏览器中按下后退按钮go返回上一页时,当用户未注销时出现注销按钮。
Here is my logout button:这是我的注销按钮:
<a id="webviewbtn" href="#"><img src="img/logout.png" style="float:right;" /></a>
2 个解决方案
解决方案1
1 2012-04-07 18:24:56
I would prefer a method, which does not need a async call to the server, to save resources.我更喜欢一种不需要对服务器进行异步调用的方法来节省资源。
Once you are logged in your system will set a cookie with the session id.一旦您登录,您的系统将设置一个带有 session id 的 cookie。 you may also set a cookie with through your backend, which can be used to determine wether a customer is logged in or not.您还可以通过后端设置一个 cookie,可用于确定客户是否登录。
//using php here
setcookie('customer',1); //customer is logged in
setcookie('customer',0); //customer is not logged in
on your frontend you may use jquery/javascript to check for that status.在您的前端,您可以使用 jquery/javascript 来检查该状态。 I am assuming here you have the jquery cookie plugin included https://github.com/carhartl/jquery-cookie我在这里假设你有 jquery cookie 插件https://github.com/carhartl/jquery-cookie
if ( $.cookie('customer') === 1 ){
$('#webviewbtn').show(); //show logout button
}
else{
$('#webviewbtn').hide(); //no logout button needed
}
in that szenario it is really important, that the 'customer' cookie has the same domain AND the same duration as the session cookie.在那个场景中,“客户”cookie 与 session cookie 具有相同的域和相同的持续时间非常重要。 Otherwise returning customers may have the customer cookie still set to 1 but the session cookie is already out of date.否则,回头客的客户 cookie 可能仍设置为 1,但 session cookie 已经过时。 Also all actions called from the customer need to be verified in the backend, to verify that the state customer === 1 is still valid there.此外,所有从客户调用的操作都需要在后端进行验证,以验证 state 客户 === 1 在那里仍然有效。 Otherwise you have a big security issue, since everybody can set that cookie to 1:)否则你会遇到很大的安全问题,因为每个人都可以将该 cookie 设置为 1:)
解决方案2
0 2012-04-05 09:14:57
When performing any form of action on your webpage, have a method call async or synchronously a webservice that validates the user.在您的网页上执行任何形式的操作时,有一个方法调用异步或同步验证用户的 web 服务。
If the server returns an okay message then user would still be logged in. This action can be performed when rendering the logout button or when the user performs any other "important" action.如果服务器返回一条 okay 消息,那么用户仍将登录。此操作可以在呈现注销按钮或用户执行任何其他“重要”操作时执行。
You can also store information in a cookie with an expiration time.您还可以将信息存储在带有过期时间的 cookie 中。 This can then be managed that if you press the backbutton in the browser the cookie is cleared and the user is logged out or what have you.然后可以对其进行管理,如果您按下浏览器中的后退按钮,cookie 将被清除并且用户将注销或您有什么。
There are a lot of possibilities of this implementation and unfortunately I don't have a "best practice" case here to offer you.这种实现有很多可能性,不幸的是我没有在这里提供给你的“最佳实践”案例。
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.