Logout not happening when reopen browser

Sorry for the delayed response.

The code in the modules hook_init implementation will log the user out if they revisit a page outside the timeout so there should be no need to capture a browser close event.

I set the timeout for a user to 60 seconds, logged in as them, closed the browser window, waited for 2 minutes, reopened the browser window and saw a message about being logged out because of inactivity.

I cannot replicate the issue described here so setting to needs more info. Anyone able to provide reliable steps to reproduce please do reopen the issue.

It's happening when you use some module that cache the whole page for logged users, Authcache, for instance.

When you use Authcache, the request don't go trough the hook_init because it intercepts the request and deliver the request to the logged user.

One solution in this case could be to call the Ajax as soon as the page is loaded, not only after 60 seconds.

We created one patch that execute the method init in javascript immediately if authcache is enabled and if is valid add too authcache-debug url in hook_autologout_prevent to prevent that authcache debug set $_SESSION['autologout_last'] if enabled.

Why not a simple cron task to delete from the session table?