Files
alrahma_sunday_school_api/app/Http/Controllers/Api/Auth/SessionTimeoutController.php
T
2026-04-23 00:04:35 -04:00

103 lines
3.1 KiB
PHP

<?php
namespace App\Http\Controllers\Api\Auth;
use App\Config\SessionTimeout;
use App\Http\Controllers\Controller;
use App\Services\ApplicationUrlService;
use Illuminate\Http\JsonResponse;
use Illuminate\Http\Request;
use Illuminate\Support\Facades\Auth;
/**
* Session idle timeout checks (web session cookie).
*/
class SessionTimeoutController extends Controller
{
/** CI-compatible session key */
private const SESSION_KEY = 'last_activity';
public function __construct(
private ApplicationUrlService $urls,
) {
}
/**
* CI nested routes: SessionController::getTimeoutConfig shape (URLs point at this app).
*/
public function getTimeoutConfig(): JsonResponse
{
return response()->json([
'success' => true,
'timeout' => SessionTimeout::TIMEOUT_DURATION,
'warning_time' => SessionTimeout::WARNING_THRESHOLD,
'check_interval' => SessionTimeout::CHECK_INTERVAL,
'logout_url' => $this->urls->webLogoutUrl(),
'keep_alive_url' => $this->urls->webSessionPingUrl(),
'check_url' => $this->urls->webSessionCheckTimeoutUrl(),
]);
}
public function checkTimeout(Request $request): JsonResponse
{
$session = $request->session();
if (! $session->has(self::SESSION_KEY)) {
return $this->expireSession($request);
}
$lastActivity = (int) $session->get(self::SESSION_KEY);
$elapsed = time() - $lastActivity;
if ($elapsed > SessionTimeout::TIMEOUT_DURATION) {
return $this->expireSession($request);
}
if ($elapsed > SessionTimeout::WARNING_THRESHOLD) {
return response()->json([
'status' => 'warning',
'time_remaining' => SessionTimeout::TIMEOUT_DURATION - $elapsed,
]);
}
return response()->json([
'status' => 'active',
'time_remaining' => SessionTimeout::TIMEOUT_DURATION - $elapsed,
]);
}
public function pingActivity(Request $request): JsonResponse
{
$session = $request->session();
if (! $session->has(self::SESSION_KEY)
|| (time() - (int) $session->get(self::SESSION_KEY)) > SessionTimeout::TIMEOUT_DURATION) {
return $this->expireSession($request);
}
$session->put(self::SESSION_KEY, time());
return response()->json([
'status' => 'active',
'time_remaining' => SessionTimeout::TIMEOUT_DURATION,
]);
}
private function expireSession(Request $request): JsonResponse
{
$request->session()->flash('error', 'Your session has expired due to inactivity.');
$request->session()->forget(self::SESSION_KEY);
Auth::guard('web')->logout();
$request->session()->invalidate();
$request->session()->regenerateToken();
return response()->json([
'status' => 'expired',
'redirect' => $this->urls->webLoginUrl(),
'message' => 'Your session has expired due to inactivity.',
]);
}
}