How to Restrict users multiple login session #536


vishalnikam created

  • ABP Framework version: 3.0.4
  • UI type: Angular
  • Tiered (MVC) or Identity Server Separated (Angular): yes
  • Exception message and stack trace:
  • Steps to reproduce the issue:

We are developing a banking application where we have to restrict users' multiple login sessions. At a time, there should be a single active login session.

A user should be allowed to be logged in to one application from only one browser at a time. When the user logs in, the server should check his current active sessions to the same application from other browsers. If there are any, then log out from everywhere else and keep only the newest session.

Please suggest something which is readily available in ABP.


6 Answer(s)
  • liangshiwei created
    Support Team Fullstack Developer

    Hi

    See https://stackoverflow.com/questions/36151800/asp-net-mvc-identity-securitystamp-signout-everywhere.

    Add the following code to your web module. It will check the security stamp every 10 seconds and log out of the login session if it changes.

    Configure<SecurityStampValidatorOptions>(options =>
    {
        options.ValidationInterval = TimeSpan.FromSeconds(10);
    });
    
  • vishalnikam created

    Tried this in Host Api >> HttpApiHostModule but it didn't work. I am able to log in in two browsers with the same user.

  • liangshiwei created
    Support Team Fullstack Developer

    Can you share some code? Your login method and configuration code.

  • liangshiwei created
    Support Team Fullstack Developer

    Sorry, I see you are using the Angular UI.

    You can use the revocation endpoint to revoke the token.

  • vishalnikam created

    Where and how do I set the token expiration time in ABP.io Identity server? Currently it shows the below in the /connect/token API: "expires_in": 31536000, "token_type": "Bearer",

    Also, give sample code to revoke a token in ABP.io Identity server.

  • alper created
    Support Team Director

    How about storing all the user tokens in Redis or a database, and after each login revoking all the existing tokens?
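
The last suggestion in the thread (track each user's token and revoke the older one at every login), sketched as an added example; it is not code from the thread, ABP or IdentityServer. `SingleSessionTokenStore`, its `revoke` callback and the sample token strings are hypothetical: the dictionary stands in for the Redis or database store, and the callback for a call to the revocation endpoint.

```csharp
using System;
using System.Collections.Concurrent;
using System.Collections.Generic;
using System.Threading.Tasks;

// Hypothetical helper (not an ABP or IdentityServer type): keeps one live
// token per user and revokes the token that a new login replaces.
public class SingleSessionTokenStore
{
    // In-memory stand-in for the Redis/database store suggested in the thread.
    private readonly ConcurrentDictionary<string, string> _current =
        new ConcurrentDictionary<string, string>();
    private readonly Func<string, Task> _revoke;

    // revoke: assumed callback that submits a token to the revocation endpoint.
    public SingleSessionTokenStore(Func<string, Task> revoke) => _revoke = revoke;

    // Call after a successful login, once the new token has been issued.
    public async Task OnLoginAsync(string userId, string newToken)
    {
        string old = null;
        // The update factory runs only when the user already has a token;
        // the value it saw on the successful attempt is the one superseded.
        _current.AddOrUpdate(userId, newToken,
            (_, existing) => { old = existing; return newToken; });
        if (old != null && old != newToken)
            await _revoke(old); // newest session wins
    }

    // Resource-side check: only the most recently issued token is accepted.
    public bool IsCurrent(string userId, string token) =>
        _current.TryGetValue(userId, out var t) && t == token;
}

public static class Demo
{
    public static async Task Main()
    {
        var revoked = new List<string>(); // records what would be sent for revocation
        var store = new SingleSessionTokenStore(
            t => { revoked.Add(t); return Task.CompletedTask; });

        // Constructed sample values: user-1 logs in from two browsers.
        await store.OnLoginAsync("user-1", "token-browser-A");
        await store.OnLoginAsync("user-1", "token-browser-B");
        await store.OnLoginAsync("user-2", "token-browser-C");

        Console.WriteLine("revoked: " + string.Join(",", revoked));
        Console.WriteLine(store.IsCurrent("user-1", "token-browser-A"));
        Console.WriteLine(store.IsCurrent("user-1", "token-browser-B"));
    }
}
```

Revocation at the endpoint only takes effect where the API checks token state; a self-contained JWT stays valid until its `expires_in` elapses, so a check like `IsCurrent` (or a short token lifetime) is what actually ends the older session.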

Made with ❤️ on ABP v8.2.0-preview Updated on March 25, 2024, 15:11