Component: Automatic logout

Introduction

Security is one of the most important factors of an application. Having the application idle for a certain amount of time could lead to leaking of sensitive data or misuse of the application. The automatic logout component is developed to ensure the application will not be idle for a long time without surveillance. The automatic logout component shows a session timeout popup to ask the user to stay signed in; otherwise, it will automatic logout.

Features

Configuration

The component has a page to manage a list of auto-logout configurations. Each configuration contains the following settings:

  • Worker site: The worker site uses the auto-logout feature.
  • Idle timeout: The amount of time in minute, after the application is idle, to show the session timeout popup.
  • Stay signed-in timeout: The amount of time in second to wait for the user to decide "Stay signed-in" or "Logout".

auto logout configuration

Enable the automatic-logout feature on the worker site

Go to Casewhere Admin site and do the following steps:

  • Go to the Worker Site Components menu.
  • Edit the Cw Support Auto-Logout component.
  • Select the worker site to enable the automatic-logout feature and click the Save.
  • Edit the Cw Session Timeout Modal component.
  • Select the worker site to enable the automatic-logout feature and click the Save.

enable auto-logout

Extend the external session

When the status is "Stay signed-in", the event cwAutoLogout_StaySignedIn is triggered so that other external session can subscribe to validate or handle the event accordingly.

Installation

Requirements

Casewhere 2.6.10 or later

Known issues

The component only works with the worker sites with the different domains.

GDPR compliance

The component will create a new item, called IdleTimeout, in the localstorage to keep track of the time to show the session timeout popup pop-up when the application is idle.

Releases

1.0.0 - 13/04/2021

Changelog

  • Configuration
  • Enable the automatic-logout feature on the worker site
  • Extend the external session

Download (login required): Automatic logout v1.0.0.