Code to logout a user when he opens a new tab on same application on same browser

Question

0.00/5 (No votes)

See more:

I want to implement a logic when say my application url is xyz.com suppose a user is login in my application xyz.com and when the same user opens the same application in new tab of same browser i want to logout that user which generally happens in banking websites.
I have been using this javascript along with sessionStorage concept, i am calling from a central codebehind page when some one is login the javascript method is called with true parameter and it check with the session varioable which is set to 1 for each new tab opened
so whenever a user is logedin and a new tab it gets logout
All is working fine,just a little issue is there when i hold ctrl button and open a new tab by clicking on any link of the application the sessionStorage variable in the new tab holds the last tab value, here is where i am facing the problem !!
How to resolve this i cant disable or stop the ctrl button in the application as it is probhited to do so !!

C#

function MultiTabLogOut(strLoginFlag)
{
        alert(strLoginFlag);
        if (sessionStorage.clickcount) {
            sessionStorage.clickcount = Number(sessionStorage.clickcount) + 1;
            }
       else{
            sessionStorage.clickcount = 1;
        }
if(sessionStorage.clickcount<2 &&strLoginFlag =='true'){
        alert('You cant open the application in different tab of same browser!Kindly login again!');
            window.location.href='/_layouts/SignOut.aspx';
}
    }

Posted 12-Jan-15 20:31pm

Member 8073143

Add a Solution

Comments

Nathan Minier 13-Jan-15 7:26am

This is going to require a 2 pronged approach. You're going to need to code the backend to control sessions based on a verification token, and code the front end to track and send a verification on each request. Depending on your exact framework, there's a few ways to do this, but I would suggest looking up ValidationToken mechanisms, and understand that what you want to do is slightly different from the normal application of these tokens.

1 solution

Add a Solution

Add your solution here

Treat my content as plain text, not as HTML

Preview 0

…

Existing Members

Sign in to your account

...or Join us

Download, Vote, Comment, Publish.

Your Email
Password
Forgot your password?

Your Email
This email is in use. Do you need your password?
Optional Password

I have read and agree to the Terms of Service and Privacy Policy
Please subscribe me to the CodeProject newsletters

When answering a question please:

Read the question carefully.
Understand that English isn't everyone's first language so be lenient of bad spelling and grammar.
If a question is poorly phrased then either ask for clarification, ignore it, or edit the question and fix the problem. Insults are not welcome.
Don't tell someone to read the manual. Chances are they have and don't get it. Provide an answer or move on to the next question.

Let's work to help developers, not make them feel stupid.

This content, along with any associated source code and files, is licensed under The Code Project Open License (CPOL)

MohitMunjal · Answer 1 · 2015-01-14T00:19:00

I am not sure about this but we can proceed like this.
Maintain a local cookie when your application proceed and that cookie should contain timestamp plus "abc"(whatever) such that you can search that easily.And make your code such that your code looks that cookie in every 30 secs if the cookie is available or found then proceed otherwise redirect to login page.Now when the user start the application in new tab check for "abc"(whatever) already exist if exist then delete that and then make one this application.
This way older running application cookie is deleted so the code that is running after 30 sec will fire and will not found cookie so it will fire the redirect code.