Need to warn user prior to cognito session expiration


I have an angular site, secured with cognito for login. I would like to warn the user prior to their session expiration so they can save any work they have pending. Is this possible? Is it possible to extend their session, without requiring a full re-login?

posta 2 mesi fa123 visualizzazioni
1 Risposta
Risposta accettata

Hi, Yes, it's possible to warn users about their impending session expiration and offer them the option to extend their session without requiring a full re-login in an Angular site secured with AWS Cognito. This involves using Cognito's session management and refresh token capabilities. Here’s how you can approach this:

  • Step 1: Detect Session Expiration: Decode the Cognito access token to find the expiration time (exp claim) and set a timer in your Angular app to alert the user a few minutes before the session expires.

  • Step 2: Warn the User: Use a modal or notification in your Angular application to inform the user that their session is about to expire, offering them options to either "Save and Log Out" or "Extend Session".

  • Step 3: Extend the Session: Before the access token expires, use the refresh token to request new tokens from Cognito. This can be done automatically or in response to user action (e.g., clicking "Extend Session").

Below is the sample code to implement this:

import { AuthenticationDetails, CognitoUser } from 'amazon-cognito-identity-js';
import { CognitoAuthService } from './path-to-your-cognito-auth-service';

// This could be part of your auth service
extendSession() {
  const currentUser = this.cognitoAuthService.getCurrentUser();
  if (currentUser != null) {
    currentUser.getSession((err, session) => {
      if (err) {
        console.error('Error getting session:', err);
      if (session.isValid()) {
        // Session is still valid, no action needed
        console.log('Session is still valid');
      } else {
        currentUser.refreshSession(session.getRefreshToken(), (err, session) => {
          if (err) {
            console.error('Error refreshing session:', err);
          console.log('Session successfully refreshed');
          // Update your application with the new tokens

Hope this helps.

con risposta 2 mesi fa

Accesso non effettuato. Accedi per postare una risposta.

Una buona risposta soddisfa chiaramente la domanda, fornisce un feedback costruttivo e incoraggia la crescita professionale del richiedente.

Linee guida per rispondere alle domande