Upgrade to Pro
— share decks privately, control downloads, hide ads and more …
Speaker Deck
Features
Speaker Deck
PRO
Sign in
Sign up for free
Search
Search
Offline logout
Search
Sponsored
·
SiteGround - Reliable hosting with speed, security, and support you can count on.
→
Igor Wojda
March 26, 2018
Technology
2
350
Offline logout
Interesting logout use case.
Igor Wojda
March 26, 2018
Tweet
Share
More Decks by Igor Wojda
See All by Igor Wojda
Harmonizing Kotlin codebase with Konsist
igorwojda
2
230
Droidcon 2020. Why We Need Clean Architecture
igorwojda
4
1.7k
Modern, maintainable and coRRRect project
igorwojda
0
180
Why do we need Clean Architecture
igorwojda
23
8.8k
Other Decks in Technology
See All in Technology
エンジニアリングマネージャーの仕事
yuheinakasaka
0
110
「通るまでRe-run」から卒業!落ちないテストを書く勘所
asumikam
2
280
内製AIチャットボットで学んだDatadog LLM Observability活用術
mkdev10
0
130
身体を持ったパーソナルAIエージェントの 可能性を探る開発
yokomachi
1
130
「お金で解決」が全てではない!大規模WebアプリのCI高速化 #phperkaigi
stefafafan
4
1.5k
Zero Data Loss Autonomous Recovery Service サービス概要
oracle4engineer
PRO
2
13k
モジュラモノリス導入から4年間の総括:アーキテクチャと組織の相互作用について / Architecture and Organizational Interaction
nazonohito51
1
530
Google系サービスで文字起こしから勝手にカレンダーを埋めるエージェントを作った話
risatube
0
190
(Test) ai-meetup slide creation
oikon48
3
460
Zeal of the Convert: Taming Shai-Hulud with AI
ramimac
0
150
アーキテクチャモダナイゼーションを実現する組織
satohjohn
1
1.1k
AI実装による「レビューボトルネック」を解消する仕様駆動開発(SDD)/ ai-sdd-review-bottleneck
rakus_dev
0
160
Featured
See All Featured
Bash Introduction
62gerente
615
210k
Navigating Team Friction
lara
192
16k
No one is an island. Learnings from fostering a developers community.
thoeni
21
3.6k
Side Projects
sachag
455
43k
Fantastic passwords and where to find them - at NoRuKo
philnash
52
3.6k
Understanding Cognitive Biases in Performance Measurement
bluesmoon
32
2.8k
Ten Tips & Tricks for a 🌱 transition
stuffmc
0
90
The Director’s Chair: Orchestrating AI for Truly Effective Learning
tmiket
1
130
Stop Working from a Prison Cell
hatefulcrawdad
274
21k
The AI Search Optimization Roadmap by Aleyda Solis
aleyda
1
5.4k
The Cult of Friendly URLs
andyhume
79
6.8k
Game over? The fight for quality and originality in the time of robots
wayneb77
1
140
Transcript
Solving offline logout By Igor Wojda @igorwojda
Not so long long time ago...
Username & password Login request Other request Other request
Why this is not very secure?
Username & password
Solution?
Token 209eb9bb-2f6c-40d6-a9b9-912257492b61
Token
Token Renewal Timeout
Token per client
Token invalidate
Online Logout
Online logout Logout Request Additional operations
Offline Logout
Offline logout Logout Request X No network
Option 1 – delete device token instantly Logout Request X
No network
Option 2 – delete device token device when online Logout
Request X No network
Logout user latter using the token Remove token instantly Goals
Solution?
Token Logout token Authentication token
Token Press logout Is online? Delete authentication token Logout (hit
logout endpoint sending logout token) Job scheduler runs logout job Invalidate both tokens Unregister device from receiving notifications NO Schedule logout Job YES Is online? YES
• https://android.jlelse.eu/solving -offline-logout-problem- f3b50da49e7eTable salt • https://www.owasp.org/index.p hp/Session_Management_Cheat _Sheet#Session_Expiration •
https://security.stackexchange. com/questions/29988/what-is- certificate-pinning Materials Worth reading
Thanks! ANY QUESTIONS? You can find me at @igorwojda
[email protected]
igorwojda
yuheinakasaka
asumikam
mkdev10
yokomachi
stefafafan
oracle4engineer
nazonohito51
risatube
oikon48
ramimac
satohjohn
rakus_dev
62gerente
lara
thoeni
sachag
philnash
bluesmoon
stuffmc
tmiket
hatefulcrawdad
aleyda
andyhume
wayneb77
![Thanks! ANY QUESTIONS? You can find me at @igorwojda [email protected]](https://files.speakerdeck.com/presentations/b8c4a9c8ad104b868ad42c65731a8a6a/slide_22.jpg){kind=link}