Need to warn user prior to cognito session expiration

0

I have an angular site, secured with cognito for login. I would like to warn the user prior to their session expiration so they can save any work they have pending. Is this possible? Is it possible to extend their session, without requiring a full re-login?

motb
asked 19 days ago84 views
1 Answer
1
Accepted Answer

Hi, Yes, it's possible to warn users about their impending session expiration and offer them the option to extend their session without requiring a full re-login in an Angular site secured with AWS Cognito. This involves using Cognito's session management and refresh token capabilities. Here’s how you can approach this:

  • Step 1: Detect Session Expiration: Decode the Cognito access token to find the expiration time (exp claim) and set a timer in your Angular app to alert the user a few minutes before the session expires.

  • Step 2: Warn the User: Use a modal or notification in your Angular application to inform the user that their session is about to expire, offering them options to either "Save and Log Out" or "Extend Session".

  • Step 3: Extend the Session: Before the access token expires, use the refresh token to request new tokens from Cognito. This can be done automatically or in response to user action (e.g., clicking "Extend Session").

Below is the sample code to implement this:

import { AuthenticationDetails, CognitoUser } from 'amazon-cognito-identity-js';
import { CognitoAuthService } from './path-to-your-cognito-auth-service';

// This could be part of your auth service
extendSession() {
  const currentUser = this.cognitoAuthService.getCurrentUser();
  if (currentUser != null) {
    currentUser.getSession((err, session) => {
      if (err) {
        console.error('Error getting session:', err);
        return;
      }
      if (session.isValid()) {
        // Session is still valid, no action needed
        console.log('Session is still valid');
      } else {
        currentUser.refreshSession(session.getRefreshToken(), (err, session) => {
          if (err) {
            console.error('Error refreshing session:', err);
            return;
          }
          console.log('Session successfully refreshed');
          // Update your application with the new tokens
        });
      }
    });
  }
}

Hope this helps.

answered 18 days ago

You are not logged in. Log in to post an answer.

A good answer clearly answers the question and provides constructive feedback and encourages professional growth in the question asker.

Guidelines for Answering Questions