From e26166a45b268d041c539af86ee32e8d6d25d53f Mon Sep 17 00:00:00 2001
From: Julian Lam <julian@designcreateplay.com>
Date: Tue, 16 Aug 2016 13:48:53 -0400
Subject: [PATCH] closes #4950

---
 public/language/en_GB/error.json |  5 ++++-
 public/src/app.js                | 26 ++++++++++++++++++++++++++
 public/src/sockets.js            |  6 ++++++
 src/socket.io/index.js           |  2 ++
 4 files changed, 38 insertions(+), 1 deletion(-)

diff --git a/public/language/en_GB/error.json b/public/language/en_GB/error.json
index 319f5005b6..b6ddd1a2bb 100644
--- a/public/language/en_GB/error.json
+++ b/public/language/en_GB/error.json
@@ -153,5 +153,8 @@
 	"no-users-in-room": "No users in this room",
 	"cant-kick-self": "You can't kick yourself from the group",
 	"no-users-selected": "No user(s) selected",
-	"invalid-home-page-route": "Invalid home page route"
+	"invalid-home-page-route": "Invalid home page route",
+
+	"invalid-session": "Session Mismatch",
+	"invalid-session-text": "It looks like your login session is no longer active, or no longer matches with the server. Please refresh this page."
 }
diff --git a/public/src/app.js b/public/src/app.js
index a913517363..ecb17de0c9 100644
--- a/public/src/app.js
+++ b/public/src/app.js
@@ -117,6 +117,10 @@ app.cacheBuster = null;
 	};
 
 	app.alertError = function (message, timeout) {
+		if (message === '[[error:invalid-session]]') {
+			return app.handleInvalidSession();
+		}
+
 		app.alert({
 			title: '[[global:alert.error]]',
 			message: message,
@@ -125,6 +129,28 @@ app.cacheBuster = null;
 		});
 	};
 
+	app.handleInvalidSession = function() {
+		if (app.flags && app.flags._sessionRefresh) {
+			return;
+		}
+
+		app.flags = app.flags || {};
+		app.flags._sessionRefresh = true;
+
+		require(['translator'], function(translator) {
+			translator.translate('[[error:invalid-session-text]]', function(translated) {
+				bootbox.alert({
+					title: '[[error:invalid-session]]',
+					message: translated,
+					closeButton: false,
+					callback: function() {
+						window.location.reload();
+					}
+				});
+			});
+		});
+	};
+
 	app.enterRoom = function (room, callback) {
 		callback = callback || function() {};
 		if (socket && app.user.uid && app.currentRoom !== room) {
diff --git a/public/src/sockets.js b/public/src/sockets.js
index 461c148be7..f2a9bfd346 100644
--- a/public/src/sockets.js
+++ b/public/src/sockets.js
@@ -28,6 +28,12 @@ app.isConnected = false;
 		setTimeout(socket.connect.bind(socket), parseInt(config.reconnectionDelay, 10) * 10);
 	});
 
+	socket.on('checkSession', function(uid) {
+		if (parseInt(uid, 10) !== parseInt(app.user.uid, 10)) {
+			app.handleInvalidSession();
+		}
+	});
+
 	socket.on('event:banned', onEventBanned);
 
 	socket.on('event:alert', app.alert);
diff --git a/src/socket.io/index.js b/src/socket.io/index.js
index cebbfe1a24..3ec75ecd0d 100644
--- a/src/socket.io/index.js
+++ b/src/socket.io/index.js
@@ -56,6 +56,8 @@ var ratelimit = require('../middleware/ratelimit');
 		} else {
 			socket.join('online_guests');
 		}
+
+		io.sockets.sockets[socket.id].emit('checkSession', socket.uid);
 	}
 
 	function onMessage(socket, payload) {