How to submit a form after a long period of inactivity?

S

Ssonik2020-12-01 12:15:26

Laravel

Ssonik, 2020-12-01 12:15:26

Problem: The user opens a tab with the site and forgets about it for a long time (let's say from 3 hours to 3 days).
Then he tries to submit the form, but it does not work (as far as I understand, the token has expired).

Possible Solution

Extend token expiration
Exclude page from Csrf check

There are other options? And what are the problems with these?

Reply

Answer the question

In order to leave comments, you need to log in

2 answer(s)

A

Alexey Ukolov, 2020-12-01
@Ssonik

You can use the specially made GeneaLabs/laravel-caffeine package for such purposes . It adds a script to the page that, after a certain interval, kicks the backend and extends the session.

R

Roman Sarvarov, 2020-12-01
@megakor

It is correct that it throws you out of the session after a while. Your second option is not very secure.
It seems to me that it would be correct to make it so that every minute an ajax request is sent from the user with an update ("prolongation") of the session.
In addition, this option is very simple to implement. Well, or really, increase the life of the token, and that’s all.