Upgrade to Pro
— share decks privately, control downloads, hide ads and more …
Speaker Deck
Features
Speaker Deck
PRO
Sign in
Sign up for free
Search
Search
Offline logout
Search
Igor Wojda
March 26, 2018
Technology
2
300
Offline logout
Interesting logout use case.
Igor Wojda
March 26, 2018
Tweet
Share
More Decks by Igor Wojda
See All by Igor Wojda
Harmonizing Kotlin codebase with Konsist
igorwojda
2
140
Droidcon 2020. Why We Need Clean Architecture
igorwojda
4
1.6k
Modern, maintainable and coRRRect project
igorwojda
0
150
Why do we need Clean Architecture
igorwojda
23
8.6k
Other Decks in Technology
See All in Technology
AIエージェント開発のノウハウと課題
pharma_x_tech
9
4.9k
20250304_赤煉瓦倉庫_DeepSeek_Deep_Dive
hiouchiy
2
130
どちらかだけじゃもったいないかも? ECSとEKSを適材適所で併用するメリット、運用課題とそれらの対応について
tk3fftk
2
280
開発者のための FinOps/FinOps for Engineers
oracle4engineer
PRO
2
260
エンジニアのキャリアパスと、 その中で自分が大切にしていること
noteinc
3
400
クラウド関連のインシデントケースを収集して見えてきたもの
lhazy
9
2k
LayerXにおけるAI活用事例とその裏側(2025年2月) バクラクの目指す “業務の自動運転” の例 / layerx-ai-deim2025
yuya4
4
860
User Story Mapping + Inclusive Team
kawaguti
PRO
3
490
OPENLOGI Company Profile for engineer
hr01
1
20k
マーケットプレイス版Oracle WebCenter Content For OCI
oracle4engineer
PRO
3
540
AIエージェント元年@日本生成AIユーザ会
shukob
1
260
AWSアカウントのセキュリティ自動化、どこまで進める? 最適な設計と実践ポイント
yuobayashi
7
1.8k
Featured
See All Featured
ピンチをチャンスに:未来をつくるプロダクトロードマップ #pmconf2020
aki_iinuma
115
51k
Practical Orchestrator
shlominoach
186
10k
Agile that works and the tools we love
rasmusluckow
328
21k
Gamification - CAS2011
davidbonilla
80
5.2k
Building Applications with DynamoDB
mza
93
6.2k
Making the Leap to Tech Lead
cromwellryan
133
9.1k
JavaScript: Past, Present, and Future - NDC Porto 2020
reverentgeek
47
5.2k
The Language of Interfaces
destraynor
156
24k
Git: the NoSQL Database
bkeepers
PRO
428
65k
Principles of Awesome APIs and How to Build Them.
keavy
126
17k
Optimizing for Happiness
mojombo
377
70k
The Invisible Side of Design
smashingmag
299
50k
Transcript
Solving offline logout By Igor Wojda @igorwojda
Not so long long time ago...
Username & password Login request Other request Other request
Why this is not very secure?
Username & password
Solution?
Token 209eb9bb-2f6c-40d6-a9b9-912257492b61
Token
Token Renewal Timeout
Token per client
Token invalidate
Online Logout
Online logout Logout Request Additional operations
Offline Logout
Offline logout Logout Request X No network
Option 1 – delete device token instantly Logout Request X
No network
Option 2 – delete device token device when online Logout
Request X No network
Logout user latter using the token Remove token instantly Goals
Solution?
Token Logout token Authentication token
Token Press logout Is online? Delete authentication token Logout (hit
logout endpoint sending logout token) Job scheduler runs logout job Invalidate both tokens Unregister device from receiving notifications NO Schedule logout Job YES Is online? YES
• https://android.jlelse.eu/solving -offline-logout-problem- f3b50da49e7eTable salt • https://www.owasp.org/index.p hp/Session_Management_Cheat _Sheet#Session_Expiration •
https://security.stackexchange. com/questions/29988/what-is- certificate-pinning Materials Worth reading
Thanks! ANY QUESTIONS? You can find me at @igorwojda igor.wojda@gmail.com