@interface-technologies/idle-logout v1.2.1

idle-logout

Saga and dialog component to enable automatically logging out idle users. For use with React and redux-saga.

Test cases

1. After idleLogoutDuration, IdleLogoutWarningDialog appears and begins counting down. User does nothing and they are logged out, with the "sessionExpired" added to the login page URL.
2. After idleLogoutDuration, IdleLogoutWarningDialog appears and user clicks "End session". The user is logged out. "sessionExpired" is NOT added to the login page URL.
3. After idleLogoutDuration, IdleLogoutWarningDialog appears and user clicks "Continue session", presses the X button, or presses escape. The dialog closes and the user remains logged in.
4. The user has another dialog open when idleLogoutDuration comes. The original dialog is hidden and the IdleLogoutWarningDialog fades in, all with smooth animations.
   a. If the session ends, the original dialog stays hidden and is removed from the DOM.
   b. If the session continues, the IdleLogoutWarningDialog fades out and the original dialog fades back in.
5. If the user makes continual mouse movements or key presses, the IdleLogoutWarningDialog is never shown and the auth cookie's expiration is frequently extended.
6. The user closes the application's tab while logged in, WITHOUT closing the whole browser window. After slightly more than idleLogoutDuration, if the user navigates to the application again, their auth cookie has expired and they see the unauthenticated home page.
7. User logs in to the application and puts the tab in the background. After slightly more than idleLogoutDuration, the user switches back to the tab and has been logged out.
   • Ideally IdleLogoutWarningDialog would display even with the tab in the background, but it's okay if it does not. Hard to guarantee stuff like this when the browser aggressively throttles background tabs.
8. The user has two tabs open to the application. The user moves the mouse in each tab around the same time. The user keeps tab 1 open until the IdleLogoutWarningDialog appears. The user waits until the IdleLogoutWarningDialog has opened in tab 2 as well. The user clicks "Continue session" or closes the dialog in tab 1. Tab 2's IdleLogoutWarningDialog should be hidden and the user's session should not expire after waiting until both countdowns would have completed.
9. While logged in, manually delete the auth cookie via the browser dev tools. You should be logged out after a few seconds, with "sessionExpired" added to the login page URL.