CODEWITHSUNDEEP
javascriptangularjscookiesauthenticationlogout
Rathma
Rathma

Reputation: 1313

logout user from all active tabs

I have three instances of my application open in three separate tabs, user logs out from one tab, and in the same tab logs in with another credentials, and start browsing with one of the two other tabs, How can I logout user from those two tabs?

My front end technology is AngularJS, APIs are written in Web Api, I use token for authentication, token is stored inside a session cookie.

Upvotes: 1

Views: 1691

Answers (2)

NTP
NTP

Reputation: 4448

when user logouts from one tab you can send a request to server to disable/destroy the token.

In your web API you can check if token is valid, if it is not you can return unauthorized status code.

if (!IsValidToken())
    return Request.CreateResponse(HttpStatusCode.Unauthorized,ErrorMessage);

and use interceptors to redirect user to your login page when you recieve unauthorised status from server.

.factory('myInterceptor', ['$q', '$location', '$injector', function ($q, $location, $injector) {
    return {
        response: function (response) {
            return response || $q.when(response);
        },
        responseError: function (rejection) {
            if (rejection.status === 401) {
                var stateService = $injector.get('$state');
                stateService.go('login');
            }
            return $q.reject(rejection);
        }
    }
}])
.config(['$httpProvider', function ($httpProvider) {
    $httpProvider.interceptors.push('myInterceptor');
}]);

with this method users would be redirected to login only if they do further requests from those others tabs. If you want them to be redirected without doing any request you can use $interval to check validity of the token every few seconds.

Upvotes: 0

Madhusudan Mishra
Madhusudan Mishra

Reputation: 27

When user clicks on logout, the following script works 

<?php

if (isset($_POST['submit'])) {
session_start();
session_unset();
session_destroy();
header("Location: ../index.php");
exit();
}

It automatically destroys the session from all tabs. When user Login with other credentials in one tab, he is still able to access the same page in other tabs because the session is still on with his credentials on the page.

Upvotes: -2

Related Questions