The WebApp I work on has login page that opens by default when user starts the session. When user attempts to refresh any other WebPage of this WebApp Xojo will bring login page - I believe this is considered normal behavior.
However, I have been asked if there is any way to force Xojo keep the current page instead of showing login page - in other words reload the page.
Is this something that can be done in Xojo 2025R2.1 ?
I haven’t searched the tickets yet, but maybe this has already been requested?
I know I have to handle this myself, and now that the app is pretty big it’s a long job…
you must save in cookies, and direct to the correct page using that.
I would like to see an example of a pretty good handled web app for this but did not find one.
edit: in the eddie electronics web example, the hashedtagChanged event in the Session has a basic handling of that.
Sub HashtagChanged(name As String, data As String) Handles HashtagChanged
Select Case Name
Case "Log"
LogPage.Show
Case "customerID"
If Data.ToDouble > 0 Then
CustomerDetailsPage.SelectCustomerByID(Data)
End If
Else
End Select
End Sub
Look into Session.SaveState for the hashtagchanged thing from the EE demo. That allows you to control what happens if the user breaded the Back/Forward buttons.
As far as Refresh goes, that’s trickier. Xojo web apps are what is known as a single page app. That is, the browser only ever sees one page, and new content is just pushed onto that same page. The way you angle this is depends on you needs.
If you need to save the state from above, you need to prevent the user from leaving the app. That’s done with Session.ConfirmDisconnectMessage. If the user tries to leave or refresh, they get an are you sure dialog.
If you don’t care about state & history, you could use a timer to periodically store the user’s id, a unique hash that’s connected to the machine somehow and some state data on a cookie. Use a timeout that’s appropriate. Then when the user gets to the login page, check for it and restore their state.
The second one needs to be done with care. Too short a timeout and your app will lag due to the amount of traffic. Too long a timeout and you create a security risk (user walks away leaving page open and anyone can walk up and use the page with their user id without needing password, if their computer is not locked). You could use Session.UserTimeout property and Session.UserTimedOut to clear the cookie and stop the timer, which handles inactivity. This is by no means a complete picture of the risk, but a reminder to think about it.
Thank you for more info. I have looked already into Session.Hashtag and Session.HashtagChanged. I see how this can help with Back/Forth button but really that was not what I was after, plus it is hard to manage this properly as pages are opened multiple places. I actually like the fact that pressing Back/Forward buttons in browser keeps the user on the current page (aka single page app).
The real issue is to reload the page without going to the login page when user gets the idea of using browser refresh button. The idea is to invoke action behind custom “Refresh” button instead of having Xojo show default login page.