json([ 'success' => true, 'timeout' => SessionTimeout::TIMEOUT_DURATION, 'warning_time' => SessionTimeout::WARNING_THRESHOLD, 'check_interval' => SessionTimeout::CHECK_INTERVAL, 'logout_url' => $this->urls->webLogoutUrl(), 'keep_alive_url' => $this->urls->webSessionPingUrl(), 'check_url' => $this->urls->webSessionCheckTimeoutUrl(), ]); } public function checkTimeout(Request $request): JsonResponse { $session = $request->session(); if (! $session->has(self::SESSION_KEY)) { return $this->expireSession($request); } $lastActivity = (int) $session->get(self::SESSION_KEY); $elapsed = time() - $lastActivity; if ($elapsed > SessionTimeout::TIMEOUT_DURATION) { return $this->expireSession($request); } if ($elapsed > SessionTimeout::WARNING_THRESHOLD) { return response()->json([ 'status' => 'warning', 'time_remaining' => SessionTimeout::TIMEOUT_DURATION - $elapsed, ]); } return response()->json([ 'status' => 'active', 'time_remaining' => SessionTimeout::TIMEOUT_DURATION - $elapsed, ]); } public function pingActivity(Request $request): JsonResponse { $session = $request->session(); if (! $session->has(self::SESSION_KEY) || (time() - (int) $session->get(self::SESSION_KEY)) > SessionTimeout::TIMEOUT_DURATION) { return $this->expireSession($request); } $session->put(self::SESSION_KEY, time()); return response()->json([ 'status' => 'active', 'time_remaining' => SessionTimeout::TIMEOUT_DURATION, ]); } private function expireSession(Request $request): JsonResponse { $request->session()->flash('error', 'Your session has expired due to inactivity.'); $request->session()->forget(self::SESSION_KEY); Auth::guard('web')->logout(); $request->session()->invalidate(); $request->session()->regenerateToken(); return response()->json([ 'status' => 'expired', 'redirect' => $this->urls->webLoginUrl(), 'message' => 'Your session has expired due to inactivity.', ]); } }