Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Only one login per device/browser? #278

Open
code-r-man opened this issue Jul 12, 2022 · 4 comments
Open

Only one login per device/browser? #278

code-r-man opened this issue Jul 12, 2022 · 4 comments

Comments

@code-r-man
Copy link

Is it possible to force logout from all other devices/browsers on log in?

I would need this to prevent people from sharing their credentials with others, so once a login is performed on one device/browser all others should be logged out.

Thank you in advance.
@code-r-man code-r-man changed the title Only one login per device (browser)? Only one login per device/browser? Jul 12, 2022
@zfarkas88
Copy link

Do this after login
$auth->logOutEverywhereElse();

Link

@code-r-man
Copy link
Author

Do this after login
$auth->logOutEverywhereElse();

Link

I've tried this but nothing happens to other devices, they are still logged in (they don't get logged out after refreshing the page).
I've also changed the 5th argument of the class instantiation to 10s in an attempt to sync everything quicker.

Could be I am doing something wrong also 😇

@zfarkas88
Copy link

zfarkas88 commented Jul 12, 2022
edited

Do this after login
$auth->logOutEverywhereElse();
Link

I've tried this but nothing happens to other devices, they are still logged in (they don't get logged out after refreshing the page). I've also changed the 5th argument of the class instantiation to 10s in an attempt to sync everything quicker.

Could be I am doing something wrong also 😇

Is there any error or warning?

I got headers already sent error.
Fatal error: Uncaught Delight\Auth\HeadersAlreadySentError in /composer_modules/vendor/delight-im/auth/src/Auth.php:549

The catched warning:
Warning: session_regenerate_id(): Cannot regenerate session id - headers already sent in /composer_modules/vendor/delight-im/cookie/src/Session.php on line 66

Update: Maybe I did something wrong but the example also not working
example

Update2: The example is works after a few minutes

@eypsilon
Copy link

Update2: The example is works after a few minutes

Note: Global logouts take effect in the local session immediately, as expected. In other sessions (e.g. on other devices), the changes may need up to five minutes to take effect, though. This increases performance and usually poses no problem. If you want to change this behavior, nevertheless, simply decrease (or perhaps increase) the value that you pass to the Auth constructor as the argument named $sessionResyncInterval.

https://github.com/delight-im/PHP-Auth/tree/79cc24931811f01a207cf0eb36b71cb84c71390b#logout

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
3 participants
@zfarkas88 @code-r-man @eypsilon