1
I am working on an application and this doubt arose me while doing some tests, where I ran some changes, such as password change, on the computer but my user remained logged in to the mobile phone. Or, as some other services do (stackoverflow, google, etc.), where there is the option to drop and drop on all devices.
I’m using AngularJS
in front end and PHP
with database MySql
.
My initial idea would be to create a new field in the comic book, like usuarioLogado
and every time the user access the page do the value check.
- Whenever the user logs in, change the value to 1.
- Whenever the user loans, change the value to 0.
- Whenever the user accesses the page and there is access history, or cookie, check what is the value. If it is
0
, force a new login.
I do not know if this logic is correct, taking into account the safety of the user and the practicality of doing this.
Or is there some other method more "correct", more practical to obtain this result?
How about authenticating via JWT and renewing the token whenever the user wants to deploy from all devices?
– Jéf Bueno
@jbueno humm.. Can you elaborate a more in-depth answer on that? I’ve read a little about JWT, but nothing too thorough, so I don’t know the use.
– celsomtrindade