Reputation: 148
ASP.Net Identity sign-out all sessions
How do you sign-out all sessions with ASP.NET Identity? Lets say you are signed-in from two different browser with the same user. When the user signs-out from one browser, the session of the other browser should be invalidated as well. (I need this to invalided all sessions of a user on password change.)
You can sign-out the current session with ASP.Net Identity with the following code.
var AutheticationManager = HttpContext.GetOwinContext().Authentication;
AuthenticationManager.SignOut();
This will not sign-out all sessions of a user.
Edit: The idea with the session was a good starting point. I solved the problem and wrote a blog post in case you have the same problem.
Upvotes: 4
Views: 4532
Answers (1)
Reputation: 156918
You can achieve this by adding a newly created session from the Global.asax in a list.
Iterate afterwards to compare the user and SignOut the user's sessions.
protected void Session_Start(object sender, EventArgs e)
{
MyGlobalObject.Sessions.Add(HttpContext.GetOwinContext().Authentication);
}
And later, in the signout event:
private void SignoutAll()
{
foreach (var authenticationManager in MyGlobalObject.Sessions)
{
authenticationManager.SignOut();
}
}
Upvotes: 5
Related Questions
- How to get asp.net identity logout to work?
- IdentityServer4 logout
- ASP.Net Identity Logout
- ASP.NET/IIS: Log out all users
- Asp.net mvc identity SecurityStamp signout everywhere
- Signout all users with the same username asp identity
- ASP.NET Identity sign out another user
- ASP.net Identity 2.0 Sign-out another user
- ASP.NET Identity - 'log out'
- How to properly sign out user