stackoom
  简体   繁体   中英

ember simple auth invalidate other user

 原文  2015-10-22 03:26:14       postgresql/ ember.js/ sails.js/ ember-cli/ ember-simple-auth

Question

I'm new to ember-simple-auth and I need some help. Say, there are 3 users, User A is Admin, User B and C are User. User C somehow able to hack User B's account and currently is logged in as User B. User B asked User A to reset his password.

I want to invalidate User C's session (who is currently logged in as User B) after User A reset User B's password.

I'm thinking of saving each user's session in a database and every time the user logs out, the session in database is also removed.

1 answers

solution1
 1 ACCPTED  2015-10-22 08:42:15

Just delete or reset the user's token on the server side. The next time they make a request with the old token they'd receive a 401 and will be logged out.

暂无
暂无

The technical post webpages of this site follow the CC BY-SA 4.0 protocol. If you need to reprint, please indicate the site URL or the original address.Any question please contact:yoyou2525@163.com.

Related Question Postgres Rule to invalidate user passwords every 60 days django postgres integration error, no such table - auth user Can't find django auth user with PostgreSQL SELECTing for the other user of the pair Is it common to have an auth user object and a separate app user object? Linux start PostgreSQL with other user PostgreSQL interval invalidate Django: Encrypted password to legacy (not auth_user) table postgresql auth django (password authentication failed for user "BlogAdmin2") Django/Python: Update the relation to point at settings.AUTH_USER_MODEL
Related Tags
 
粤ICP备18138465号  © 2020-2024 STACKOOM.COM