In the user login process, I need a solution to sign the user out from all other browsers.
Here’s my current code:
<code>var portalSecurity = new PortalSecurity(); </code>
<code>PortalSettings portalSettings = PortalController.GetCurrentPortalSettings(); </code>
<code>var user = UserController.GetCachedUser(portalSettings.PortalId, "azarbara"); </code>
<code>portalSecurity.SignOut(); DataCache.ClearUserCache(portalSettings.PortalId, "azarbara"); </code>
This code signs the user out from the current browser only, not from all other browsers where they're logged in. Does anyone have any ideas?
SORRY: Same code, ignore it.
Try this..,, https://github.com/Rocket...ts/User/UserUtils.cs public static void SignOut() { var ps = new PortalSecurity(); ps.SignOut(); }
I am unsure if it logs out from all browsers.
David
this code logout user only from current browser
It seems that this solution is not a good solution to solve my problem
because this method makes the user UnAuthoriseUser and the user cannot login in again the current browser
unless I authorize the user again after this function, which will not cause logout user from other browsers .
i think in the side of the cookies stored in the browser or the last IP stored in the database for the user's login should do something
Yes, that makes sense! I don;t think changing the [AuthCookies] table will solve the problem, besides you'll probably have to restart to get the change. You could try making the last activity last year. // update LastActivityDate user.Membership.LastActivityDate = DateTime.Now.AddYear(-1); UserController.UpdateUser(portalSettings.PortalId, user, false, false);
In this case, there isn't a straightforward way to do this, but I think you can make this happen by taking advantage of some of the other existing features.
By default, DNN will have the option enabled to "Force Logout After Password Change." This is found in the persona bar > Settings > Member Accounts view.
If this is enabled, you could potentially flag this to occur by forcing the end-user to change their password on next login. You'd do this by editing their account in the UI, or by changing the <code>0</code> to <code>1</code> for the user account record in the <code>UpdatePassword</code> column of the <code>Users</code> table, then clearing the cache on the site.
If these two things are done, what should happen is that the end-user is prompted on one browser to change their password on their next visit. Then, other browsers should have an invalid cookie. (This needs to be tested, though.)
These Forums are for the discussion of the open source CMS DNN platform and ecosystem.
For the benefit of the community and to protect the integrity of the ecosystem, please observe the following posting guidelines:
Awesome! Simply post in the forums using the link below and we'll get you started.