What are the Slack Archives?
Itβs a history of our time together in the Slack Community! Thereβs a ton of knowledge in here, so feel free to search through the archives for a possible answer to your question.
Because this space is not active, you wonβt be able to create a new post or comment here. If you have a question or want to start a discussion about something, head over to our categories and pick one to post in! You can always refer back to a post from Slack Archives if needed; just copy the link to use it as a reference..
Team , Is there any documentation to implement logout from all devices in Spryker or any modules ava
Team , Is there any documentation to implement logout from all devices in Spryker or any modules available?
Comments
-
No documentation, but for Yves it's hard, you would need to go through all sessions in the session storage and drop those for the customer you want to do it. Logout of all customers in Yves is pretty easy, just empty the session storage.
For Glue it's easier, just drop the refresh tokens for the customer (
spy_oauth_refresh_token
) you want to logout and wait until the access token has expired (that's why it is a good idea to have a short lifetime for access tokens).
An instant logout for Glue is not that easy and would require to check every Access token if it is still in the database which has a high performance impact and I would strongly advice against.0 -
Session storage for Yves is redis I believe and clearing up all redis sessions for specific user wil logout from all devices right? hope Spryker/Security is the module to look at?
0 -
Depends, but by default the Yves sessions are stored in redis, yes.
To my knowledge there is no implementation yet to delete all sessions for a specific customer, as this would require to iterate through all session in the session storage, which is an expensive operation, depending on how many sessions are in the session storage.
0 -
Okay thank you for the information @UL6DGRULR
0 -
@UL6DGRULR can yon brief on the expensive operation for clearing session storage in Redis? its just identifying and clearing specific customer redis sessions right? or that needs any detailed approach
0 -
maybe you can store the redis key in a database table on session creation combined with the email as second column so you have a reference which sessions are connected to which user.
0 -
understood. Thank you @U031G802S74
0
Categories
- All Categories
- 42 Getting Started & Guidelines
- 7 Getting Started in the Community
- 8 Additional Resources
- 7 Community Ideas and Feedback
- 75 Spryker News
- 924 Developer Corner
- 783 Spryker Development
- 88 Spryker Dev Environment
- 362 Spryker Releases
- 3 Oryx frontend framework
- 35 Propel ORM
- 68 Community Projects
- 3 Community Ideation Board
- 30 Hackathon
- 3 PHP Bridge
- 6 Gacela Project
- 25 Job Opportunities
- 3.2K π Slack Archives
- 116 Academy
- 5 Business Users
- 370 Docker
- 551 Slack General
- 2K Help
- 75 Knowledge Sharing
- 6 Random Stuff
- 4 Code Testing
- 32 Product & Business Questions
- 70 Spryker Safari Questions
- 50 Random