Feature #7742
closedSuspend/restore of sessions
100%
Description
Typically, in the case of payment providers or single sign on systems, the user is redirected to perform the payment or login, and then redirected back to the application.
Wt currently removes the session when the user moves away from it (react to the unload event), or expires it after a while.
Because of this, payment or login is usually performed in a popup window, so the session can stay active.
We should be able to suspend a session before the redirect, and restore the session when redirected back, so the popup window is no longer necessary.
Updated by Roel Standaert about 4 years ago
- Description updated (diff)
- Assignee set to Roel Standaert
Possible interface:
class WApplication {
public:
std::string suspend(std::chrono::steady_clock::duration expirationTime);
}
Suspends the session after the response is sent to the browser, returning the URL that can be used to wake up and resume the session. The optional duration indicates how long the session should remain suspended before it expires. By default, this time is unlimited? Maybe some other default with the option to set it to unlimited? Maybe add a configuration option for this expiration time?
Should some extra security be applied, e.g. a cookie?
Updated by Roel Standaert over 3 years ago
- Status changed from New to InProgress
Updated by Roel Standaert over 3 years ago
- Status changed from InProgress to Review
Updated by Roel Standaert over 3 years ago
- Related to Improvements #8660: Make redirect the default OAuth method? added
Updated by Roel Standaert over 3 years ago
- Status changed from Review to Resolved
Updated by Roel Standaert almost 3 years ago
- Related to Feature #9439: Enable popup-less mode for SAML login added
Updated by Roel Standaert almost 3 years ago
- Status changed from Resolved to Closed