Restore data from expired forms #105
Merged
Conversation
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
…oid issues with _old_input from the login forms
Closed
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
When a user leaves e.g. the observation form in Qualix open for a long time (more than 2 hours with the default configuration), he gets logged out automatically because his session expires on the server side. Unfortunately, the form in the browser is still visible by then, and the user can still type in it and try to submit the form, leading to a loss of all entered data when the user is redirected to the login page. This seems to happen regularly in courses, since we got multiple reports about it during a single one-week course. People left the form open overnight or during blocks they taught.
This PR fixes this issue, by saving the submitted form content (in the new session) until the user logs back in. (If the user clicks the submit button on the form and then waits for another 2 hours before logging in, the entered data is permanently lost)
Obsoletes #74. While we still rely on the users to (manually or automatically) lock their screens when they leave the computer, the underlying issue of data loss in #74 is addressed here. Logging out the user after 15 minutes is not a secure solution anyways now that we have the MiData OAuth passwordless login.