#1 2015-08-29 12:51:15

tanong
Member
Registered: 2012-11-18
Posts: 5

How do I kill a session on a server?

Hi, ab (and the mORMot community fellows), thanks for your hard work.
I have been testing your framework on my online project.
I'm impressed (even though more to learn).

Now, I have a small problem.
Suppose that a user has logged in. And a few minutes later, another user logins with the same name.
If I want to kill the session created for the first person so that he/she is kicked out and no longer able to access the server.
How do I do that?

Edited:

Still waiting for advices. May be my intension was not clear.
All this is to prevent a group of users logging in with the same login simultaneously.
I could reject a duplicate login using OnSessionCreate which returns true.
But the objective is to kick out the already logged-in one.

Last edited by tanong (2015-08-30 05:13:12)

Offline

#2 2015-08-30 07:22:22

ab
Administrator
From: France
Registered: 2010-06-21
Posts: 14,661
Website

Re: How do I kill a session on a server?

You can have access to the internal fSession[] list from OnSessionCreate, by inheriting your own TSQLRestServer class.
So you can delete a previous session from there, using SessionDelete(), or by setting the session TimeoutMS := 0.

Offline

#3 2015-08-30 07:46:57

tanong
Member
Registered: 2012-11-18
Posts: 5

Re: How do I kill a session on a server?

Thanks, ab. I will try that.

Just to mention, my son, a c# programmer, is now also learning your mORMot.
We are now working together on a project. MORMot is really amazing!

Offline

#4 2015-08-30 08:15:41

ab
Administrator
From: France
Registered: 2010-06-21
Posts: 14,661
Website

Re: How do I kill a session on a server?

We may add new methods for your purpose, if needed.
Or new events, to customize authentication or other framework features.

Don't be shy, and propose patches, if you can!

Thanks for the nice feedback!
smile

Offline

#5 2015-08-30 11:39:34

tanong
Member
Registered: 2012-11-18
Posts: 5

Re: How do I kill a session on a server?

It's really nice of you, ab.

At first I was going to learn more and try what the framework already amazingly has.
However, I think it could be helpful for some other developers with the similar needs.

I, therefore, just submitted a feature request ticket [0aa979de90097bbb030633df2e6c0c4a4e4037c8].

In order to manipulate/manage users on a server, I proposed for a property and a method on TSQLRestServer.

1. Add a read-only property, Sessions, to list all active sessions with their session's properties,
such as UserName, SessionId, Private Key, etc.

2. Add a method to close a particular session on the Sessions list.
Parameter(s) used could be the corresponding SessionId and/or Private Key.

Please feel free to modify, add, or correct any parts of the request.

Thanks a whole bunch! ab, and please forgive me for mistakes, if any.

Last edited by tanong (2015-08-30 11:49:28)

Offline

Board footer

Powered by FluxBB