如何在使用相同帐户和不同计算机登录时注销我的帐户 [英] How to logout my account when login with same account and different machine

问题描述

先生，我希望我的帐户在使用不同的系统登录我的帐户时注销。



我尝试了什么：



i我将当前用户的UniqueID存储到数据库中，当另一个用户登录时，那个uniqueID对该用户进行了更改，然后之前的登录使用是注销。但我这个技巧，我必须在重定向页面时一次性地获取uniqueID。我想在不使用数据库的情况下这样做。

Sir, i want that my account is logout when somewhen login to my acoount with different system.

What I have tried:

i am storing current user UniqueID into database and when another user login then uniqueID is change for that user and then previous login use is logout. but i this trick i have to fatch uniqueID all time when redirect the page. i want to do that without using database.

推荐答案

你可以用cookies来做到这一点。



当用户使用新浏览器（设备A）访问您的网站时，创建一个随机字符串（作为会话令牌A）并存储在用户浏览器的cookie中，过期日期设置为180天。



将随机字符串（会话令牌A）与用户ID一起存储在数据库中。



条件1：

如果用户使用相同的浏览器（设备A）访问您的网站，则会向服务器发送相同的会话令牌（会话令牌A）以验证它是否是同一用户。



条件2：

如果用户使用其他设备（设备B）访问您的网站，将创建新的会话令牌（会话令牌B）。从数据库中删除会话令牌A，因此当下次用户重新访问旧设备（设备A）上的网站时，会话令牌A将无法被验证，因为它已经不存在于数据库中。因此，用户将能够更长时间地从设备A访问您的网站。

you can do this by using cookies.

When a user access your website using a new browser (Device A), creates a random string (as Session Token A) and stores at the user's browser's cookies with the expire date set to 180 days.

Store the random string (session token A) together with the user id in database.

Condition 1:
If the user access your website using the same browser (Device A), the same session token (Session Token A) will be sent to the server to verify that it is the same user.

Condition 2:
If the user access your website using another device (Device B), new session token (Session Token B) will be created. Delete "Session Token A" from database, so when next time the user re-access the website on old device (Device A), "Session Token A" will not able to be verified as it is already not existed in database. Therefore, user will longer able to access your website from Device A.

这不是它的工作原理。它基于会话超时，并且只能在用户在浏览器中导航时建立。



您可以通过利用作业和/或数据库机制来实现触发器，但在此处描述该机制远远超出了QA的用途范围。

That's not how it works. It's based on session timeout, and that can only be established when the user navigates in the browser.

You could do it via a database mechanism that utilizes jobs and/or triggers, but describing that mechanism here is fairly well beyond the scope of what QA is intended for.

您需要管理数据库来管理所有登录会话信息。如果用户注销请求使与该帐户关联的所有会话无效。

You need to manage a database to manage all login session information. If user request for logout invalidate all the session associated with that account.

这篇关于如何在使用相同帐户和不同计算机登录时注销我的帐户的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！