i want to make login system, and check if user is multiple login and give notification " account already login in other device" in current user login. how to make system like that? I've searched for it on google but couldn't find the right one
check if user is multiple login and give notification " account already login in other device" in current user login
Problem:
You can't really tell when the user is still logged in because the stateless server.
Lets say I log in inside an incognito window. When I close the session cookie is deleted.
But on the server it's still exists. How do you tell I'm actually logged in or not?
Solution:
You can make a heartbeat request to the server and log the activity.
So you have a JS code sending request in every minute so you know the user is online. Also in every request you set the cookie as well.
So you log the last activity time in every minute and every request.
When the user tries to log in you check if the logged activity is older than two minutes.
Related
In my project, when user logs in, then I make an entry in A table Called LogTable and show it to the Admin Page that this user is online. And when user clicks on the log out button, then I delete data of that user from the log table, so this user is not shown online to the admin.
Now the main problem is that if user will close his browser without clicking that button, then how to delete those data.
Or what can be other way to achieve it in the best way?
I want that if user logs in from one system and tries to login from another system, then firstly we show that you are logged in another system and if she/he clicks on retrieve, then her/his other login automatically logs out and she/he has to login again.
Integrate your c# with javascript, javascript detect browser close, if you want to delete your data from db then you have to make http request for deleting data in this function. Try to interate it or make xml ajax request when browser is closing.
$(window).bind("beforeunload", function() {
return "write your code over here for deleting data.";
})
I would suggest reading up on the ASP.NET life cycle here and here.
Usually, we store that information using Session state.
The session is created for each user individually and will be automatically destroyed after a certain amount of inactivity or after the user has moved away from the page.
You could possibly use Application state.
But application state is shared among all users and persists until the last user has navigated away from the site.
I hope this helps :)
I have a problem with Facebook authentication logic:
On home page load, I call getLoginStatus() and if I get "connected", I redirect the user to his account page. If not, the user can click the login button that calls FB.login().
If the user is logged in and then navigates back to home page (full page load), getLoginStatus() there returns "connected" as expected and user gets bounced back to account page.
However, when the logged in user calls FB.logout() and repeats steps 1-2, the 2nd step will always yield "unknown" login status. So, FB.logout() basically breaks my bouncing logic.
I checked the mechanics of login/logout calls and it appears FB.logout() creates a fblo_<appId> cookie with 1 year expiration that blocks getLoginStatus() from returning the proper status. This seems to be the actual mechanism for keeping people logged out, which I can understand. What I can't understand, though, is: why this cookie is not deleted on a successful FB.login() call?
I fixed it myself by programatically deleting the cookie fblo_<appid> in callback functions of both FB.login() and FB.logout()
I was experiencing this a few days ago but I'm not seeing the issue any more.
In either case make sure you consider these different scenarios when testing:
A person logs into Facebook, then logs into your app. Upon logging out from your app, the person is still logged into Facebook.
A person logs into your app and into Facebook as part of your app's login flow. Upon logging out from your app, the user is also logged out of Facebook.
A person logs into another app and into Facebook as part of the other app's login flow, then logs into your app. Upon logging out from either app, the user is logged out of Facebook.
https://developers.facebook.com/docs/reference/javascript/FB.logout/
Debugging tip:
In the Application tab in Chrome you can select Cookies in the left panel and then type fblo into the search box to filter by that name. When I call FB.login and successfully authenticate I see that the fblo cookie disappears - so I believe this issue fixed.
How can I detect in JavaScript if a session has terminated. I have a survey application that can take a while to complete. On the save button I want to see if the session is still active and if not to display a message. I don't want to go through messages indicating how much time before it closes.
I have a angular application with api calls being made to back end for logging and and so forth. What i need is to be able to tell when the session expires and logged the user out.
I know on every route change i can check if the user is logged in or not which i do right now but how can i handle it when they are idle. So i have instances where the user is on a specific page and remains inactive and although they are logged out in the back end i do not know on the front end and need some where to constantly be checking. Any solutions for the best method.
A client-side solution without polling:
(re)start a timer at each route change to show a message after 15(this number should coincide with the amount of time the user is logged out in the back-end) minutes.
The only downside to this is that if your app sends data outside of route changes the user could receive of notification of being logged out while the user is still logged in.
It would also require that your route changes actually send a request to the back-end.
I have something to resolve. I have a website use Spring security for authentication and check login ...When user open two tab, a one tab they login with one user account, and other tab, user will login with other user account. I want to inform to a first tab that "you're invalid session" or "have other user account login" or something like that. It's like how gmail works.
Now, I have some idea:
I will use ajax to check with server every 5s and get the information of current user account.
Trap before click event and ajaxSend event for check with server, if have other user account, abort it and inform to user.
Use WebSocket for communicate with server. I think server need to manage a lot of user account and it will make server work a lot.
Any idea about that?
Thanks in advance!