I need to implement a logic, where the app should track users activity within a session. In the docs, it is said that we can use inactivity timeout for user sessions, but I don’t understand it properly, because by default it is set 3 days. In my case, I need to check user session (don’t confuse it with a jwt expiration time, as it is handled by
checkSession method) and for example, if the user is inactive within that period (let’s pretend it is 30 minutes), the app should logout him/her.
One option is to keep timestamp when a user is logged in and use that timestamp as a session
Second one is to use inactivity timeout mentioned above.
What would you advise to handle this situation ?