Display Message after Session Timeout

Topics: Customizing Orchard
Jan 14, 2015 at 5:29 PM
I'm using the RealtyShares.SessionTimeout module to automatically end sessions if the user is idle for too long, but would like to be able to display some sort of message letting the user know the session has been ended and they need to login again. This is the code from the module:

namespace RealtyShares.SessionTimeout.Services
{
[OrchardSuppressDependency("Orchard.Security.Providers.FormsAuthenticationService")]
public class FormsAuthenticationService : IAuthenticationService
{
    private readonly Orchard.Security.Providers.FormsAuthenticationService wrapped;

    public FormsAuthenticationService(
        ShellSettings settings,
        IClock clock,
        IContentManager contentManager,
        IHttpContextAccessor httpContextAccessor,
        IFeatureManager featureManager,
        IRepository<SessionTimeoutSettingsPartRecord> repository)
    {
        wrapped = new Orchard.Security.Providers.FormsAuthenticationService(settings, clock, contentManager, httpContextAccessor);

        // The try...catch block ensures we don't have yellow screens of death when
        // the module is being enabled.
        try
        {
            if (featureManager.GetEnabledFeatures().Any(f => f.Id == "RealtyShares.SessionTimeout"))
            {
                var record = repository.Fetch(r => true).FirstOrDefault();
                wrapped.ExpirationTimeSpan = TimeSpan.FromMinutes(record == null ? SessionTimeoutSettingsPartRecord.DefaultDuration : record.SessionDuration);
            }
        }
        catch (Exception) { }
    }

    public void SignIn(IUser user, bool createPersistentCookie)
    {
        wrapped.SignIn(user, createPersistentCookie);
    }

    public void SignOut()
    {
        wrapped.SignOut();
    }

    public void SetAuthenticatedUserForRequest(IUser user)
    {
        wrapped.SetAuthenticatedUserForRequest(user);
    }

    public IUser GetAuthenticatedUser()
    {
        return wrapped.GetAuthenticatedUser();
    }
}
}

I have tried to add a notifier in the SignOut function but this only shows the message when a user actually clicks to logout which isn't what I want. I was also trying to add a Logger to the FormsAuthenticationService wrapped but kept running into issues of not being able to convert the type from one to the other (void to ILogger). Any ideas on how I can get this implemented? Thank you.
Jan 14, 2015 at 5:41 PM
I guess the type FormsAuthenticationService is actually just a custom name for the class but it extends the IAuthenticationService interface. It has its own methods for SignIn and SignOut would it be possible to override the wrapped.SignOut function to display a custom message? This would probably still display the message whenever the user manually signs out as the SignOut function calls the wrapped.SignOut function. Is there a way you could determine how the user was logged out and only show the message if it was due to a session end?
Jan 14, 2015 at 6:36 PM
Actually, would I be able to just check the cookie to see if it has expired or not and then display a notification using the notifier if the cookie has expired? Also, I'm a little confused as to how the cookie is kept from expiring as long as the user is not idle. Can anyone explain how this works? I'm new to sessions and cookies. Thank you.