We are developing web services based on node.js.
Redis is used for the session.
For example, if this is the case,
A user logged in to Web Service A from a public PC, not from a personal PC. Close the browser without using the service and manually logging out.
If another user accesses Web Service A in this situation, the login will be maintained.
I have no idea how to solve this situation, and I can't find any keywords to search for.
n It is based on the express framework of node.js and uses a session as redis.
javascript node.js session logout redis
Using a session with redis means storing session data in redis.
We need a session ID anyway and we need to bake it with cookies. The session ID stored in the generated cookie can be put in the header and sent to the server to check the session.
If you close the browser, the session ID will be different. This means that if you close the browser, it's unlikely to be a problem. Of course, it's different if you close the tab.
© 2024 OneMinuteCode. All rights reserved.