32 lines
948 B
PHP
32 lines
948 B
PHP
<?php
|
|
|
|
namespace App\Http\Middleware;
|
|
|
|
use Closure;
|
|
use Illuminate\Http\Request;
|
|
use Symfony\Component\HttpFoundation\Response;
|
|
|
|
class SessionTimeout
|
|
{
|
|
public function handle(Request $request, Closure $next): Response
|
|
{
|
|
if ($request->user()) {
|
|
$timeout = config('system.security.session_idle_timeout_minutes', 30);
|
|
$last = session('last_active_at');
|
|
|
|
if ($last && now()->diffInMinutes($last) >= $timeout) {
|
|
auth()->logout();
|
|
$request->session()->invalidate();
|
|
$request->session()->regenerateToken();
|
|
|
|
return redirect()->route('login')->withErrors(['session' => 'Sesi berakhir karena tidak ada aktivitas. Silakan login kembali.']);
|
|
}
|
|
|
|
session(['last_active_at' => now()]);
|
|
$request->user()->forceFill(['last_active_at' => now()])->saveQuietly();
|
|
}
|
|
|
|
return $next($request);
|
|
}
|
|
}
|