Upgrade to Pro
— share decks privately, control downloads, hide ads and more …
Speaker Deck
Features
Speaker Deck
PRO
Sign in
Sign up for free
Search
Search
Offline logout
Search
Igor Wojda
March 26, 2018
Technology
2
320
Offline logout
Interesting logout use case.
Igor Wojda
March 26, 2018
Tweet
Share
More Decks by Igor Wojda
See All by Igor Wojda
Harmonizing Kotlin codebase with Konsist
igorwojda
2
190
Droidcon 2020. Why We Need Clean Architecture
igorwojda
4
1.6k
Modern, maintainable and coRRRect project
igorwojda
0
170
Why do we need Clean Architecture
igorwojda
23
8.7k
Other Decks in Technology
See All in Technology
フルカイテン株式会社 エンジニア向け採用資料
fullkaiten
0
8.6k
LLMエージェント時代に適応した開発フロー
hiragram
1
410
あとはAIに任せて人間は自由に生きる
kentaro
3
1.1k
我々は雰囲気で仕事をしている / How can we do vibe coding as well
naospon
2
220
ABEMAにおける 生成AI活用の現在地 / The Current Status of Generative AI at ABEMA
dekatotoro
0
650
Understanding Go GC #coefl_go_jp
bengo4com
0
1.1k
Backboneとしてのtimm2025
yu4u
4
1.5k
帳票Vibe Coding
terurou
0
140
「守る」から「進化させる」セキュリティへ ~AWS re:Inforce 2025参加報告~ / AWS re:Inforce 2025 Participation Report
yuj1osm
1
120
DeNA での思い出 / Memories at DeNA
orgachem
PRO
3
1.6k
[CVPR2025論文読み会] Linguistics-aware Masked Image Modelingfor Self-supervised Scene Text Recognition
s_aiueo32
0
210
実践アプリケーション設計 ③ドメイン駆動設計
recruitengineers
PRO
1
180
Featured
See All Featured
Fashionably flexible responsive web design (full day workshop)
malarkey
407
66k
Evolution of real-time – Irina Nazarova, EuRuKo, 2024
irinanazarova
8
890
Designing for Performance
lara
610
69k
Build your cross-platform service in a week with App Engine
jlugia
231
18k
Producing Creativity
orderedlist
PRO
347
40k
Building an army of robots
kneath
306
46k
How To Stay Up To Date on Web Technology
chriscoyier
790
250k
Done Done
chrislema
185
16k
Fight the Zombie Pattern Library - RWD Summit 2016
marcelosomers
234
17k
A better future with KSS
kneath
239
17k
JavaScript: Past, Present, and Future - NDC Porto 2020
reverentgeek
50
5.5k
The Illustrated Children's Guide to Kubernetes
chrisshort
48
50k
Transcript
Solving offline logout By Igor Wojda @igorwojda
Not so long long time ago...
Username & password Login request Other request Other request
Why this is not very secure?
Username & password
Solution?
Token 209eb9bb-2f6c-40d6-a9b9-912257492b61
Token
Token Renewal Timeout
Token per client
Token invalidate
Online Logout
Online logout Logout Request Additional operations
Offline Logout
Offline logout Logout Request X No network
Option 1 – delete device token instantly Logout Request X
No network
Option 2 – delete device token device when online Logout
Request X No network
Logout user latter using the token Remove token instantly Goals
Solution?
Token Logout token Authentication token
Token Press logout Is online? Delete authentication token Logout (hit
logout endpoint sending logout token) Job scheduler runs logout job Invalidate both tokens Unregister device from receiving notifications NO Schedule logout Job YES Is online? YES
• https://android.jlelse.eu/solving -offline-logout-problem- f3b50da49e7eTable salt • https://www.owasp.org/index.p hp/Session_Management_Cheat _Sheet#Session_Expiration •
https://security.stackexchange. com/questions/29988/what-is- certificate-pinning Materials Worth reading
Thanks! ANY QUESTIONS? You can find me at @igorwojda
[email protected]