I'm new to ember-simple-auth and I need some help. Say, there are 3 users, User A is Admin, User B and C are User. User C somehow able to hack User B's account and currently is logged in as User B. User B asked User A to reset his password.
I want to invalidate User C's session (who is currently logged in as User B) after User A reset User B's password.
I'm thinking of saving each user's session in a database and every time the user logs out, the session in database is also removed.
Aucun commentaire:
Enregistrer un commentaire