Igor Wojda
March 26, 2018
Offline logout
Interesting logout use case.
Transcript
Solving offline logout By Igor Wojda @igorwojda
Not so long long time ago...
Username & password Login request Other request Other request
Why is this not very secure?
Username & password
Solution?
Token 209eb9bb-2f6c-40d6-a9b9-912257492b61
Token
Token Renewal Timeout
Token per client
Token invalidate
Online Logout
Online logout Logout Request Additional operations
Offline Logout
Offline logout Logout Request X No network
Option 1 – delete device token instantly Logout Request X No network
Option 2 – delete device token when online Logout Request X No network
Goals: Log out user later using the token; remove token instantly
Solution?
Token Logout token Authentication token
Token (logout flowchart, boxes only): Press logout; Is online? (YES / NO); Delete authentication token; Logout (hit logout endpoint sending logout token); Schedule logout job; Job scheduler runs logout job; Is online? (YES); Invalidate both tokens; Unregister device from receiving notifications
Materials worth reading
• https://android.jlelse.eu/solving-offline-logout-problem-f3b50da49e7e
• https://www.owasp.org/index.php/Session_Management_Cheat_Sheet#Session_Expiration
• https://security.stackexchange.com/questions/29988/what-is-certificate-pinning
Thanks! ANY QUESTIONS? You can find me at @igorwojda