Posté le 22 juin 2022 - 12:49 |
Hi...
I have a routine where a make a reset of all the variables of the session, and then redirect to the login Page.
PROCEDURE limparVariaveis() IF gstUtilizador.gsessionid <> -1 THEN HReadSeek(Security_SessionsWeb,UserId,gstUtilizador.gsUserid) HDelete(Security_SessionsWeb) VariableReset(gstUtilizador) VariableReset(gsMenu) ContextClose(PAGE_LoginU) //APAGAR A SESSAO DA BD RESULT 1
ELSE RESULT -1 END
But after the redirect, the page indeed goes to the login page, but the url stays equal to the last page where i did de logout.
If i click the "enter", the browser goes to the page in the url, without doing the login....
In each page, i have i procedure to check, if the user as the right to acess the page,
PROCEDURE PRC_VALIDA_USER()
//VERIFICAR SE O USER TEM SESSAO INICIADA COM SUCESSO. PARA ISSO TEMOS QUE VALIDAR A TABELA SessionWeb
sEarchkey is string sEarchkey = HFilter(Security_SessionsWeb,"UserId='" + gstUtilizador.gsUserid + "' and SessionId='" + gstUtilizador.gsessionid + "'")
HReadFirst(Security_SessionsWeb,sEarchkey)
IF HFound() = False THEN //redireccionar para a pagina de login terminar programa EDT_Aux="-1" gsMensagemerroglobal ="Não tem sessao inicida no sistema" PageDisplay(PAGE_LoginU) RESULT -1 //sem token associado END
//nesta fase o user tem sessao iniciada, podemos consultar as variaveis globais do user e validar //1- validar se excedeu o timeout, caso tenho, informar e enviar para login, caso contrário atualizamos o timestamp na tabela Security_sessionWeb
HReadFirst(Security_SessionWebTimeout) //sMyDuration is string tempoactual is string = SysDateTime() //sMyDuration = DateTimeDifference(left(tempoactual,14), (left(Security_SessionsWeb.Timestamp,14)))
nMinutosInicioSessao is int = Val(Middle(Security_SessionsWeb.Timestamp,9,2)) * 60 + Val(Middle(Security_SessionsWeb.Timestamp,11,2)) nMinutosActual is int = Val(Middle(tempoactual,9,2)) * 60 + Val(Middle(tempoactual,11,2)) timeout is int = Val(Security_SessionWebTimeout.timeout) / 60
sIf1 is string = Left(tempoactual, sIf2 is string = Left(Security_SessionsWeb.Timestamp,
//assumimos q o timeout nc sera superior a 24h.
IF Left(tempoactual, = Left(Security_SessionsWeb.Timestamp, AND (nMinutosActual-nMinutosInicioSessao < timeout )THEN Security_SessionsWeb.Timestamp = DateSys() + TimeSys() HModify(Security_SessionsWeb) ELSE //timeoutexcido EDT_Aux="-2" gsMensagemerroglobal = "A sua sessao excedeu o tempo máximo permitido. Faça novamente login" HDelete(Security_SessionsWeb) PageDisplay(PAGE_LoginU) RESULT -2 //tmeoutexecedido END |
| |
| |
|