Upgrade to Pro
— share decks privately, control downloads, hide ads and more …
Speaker Deck
Features
Speaker Deck
PRO
Sign in
Sign up for free
Search
Search
Offline logout
Search
Igor Wojda
March 26, 2018
Technology
2
320
Offline logout
Interesting logout use case.
Igor Wojda
March 26, 2018
Tweet
Share
More Decks by Igor Wojda
See All by Igor Wojda
Harmonizing Kotlin codebase with Konsist
igorwojda
2
190
Droidcon 2020. Why We Need Clean Architecture
igorwojda
4
1.6k
Modern, maintainable and coRRRect project
igorwojda
0
170
Why do we need Clean Architecture
igorwojda
23
8.7k
Other Decks in Technology
See All in Technology
品質視点から考える組織デザイン/Organizational Design from Quality
mii3king
0
210
dbt開発 with Claude Codeのためのガードレール設計
10xinc
2
1.3k
2つのフロントエンドと状態管理
mixi_engineers
PRO
3
160
企業の生成AIガバナンスにおけるエージェントとセキュリティ
lycorptech_jp
PRO
3
200
使いやすいプラットフォームの作り方 ー LINEヤフーのKubernetes基盤に学ぶ理論と実践
lycorptech_jp
PRO
1
160
Terraformで構築する セルフサービス型データプラットフォーム / terraform-self-service-data-platform
pei0804
1
200
共有と分離 - Compose Multiplatform "本番導入" の設計指針
error96num
2
1.2k
Bedrock で検索エージェントを再現しようとした話
ny7760
2
110
Create Ruby native extension gem with Go
sue445
0
130
AWSで始める実践Dagster入門
kitagawaz
1
750
Webアプリケーションにオブザーバビリティを実装するRust入門ガイド
nwiizo
7
890
KotlinConf 2025_イベントレポート
sony
1
140
Featured
See All Featured
実際に使うSQLの書き方 徹底解説 / pgcon21j-tutorial
soudai
PRO
188
55k
Templates, Plugins, & Blocks: Oh My! Creating the theme that thinks of everything
marktimemedia
31
2.5k
Fantastic passwords and where to find them - at NoRuKo
philnash
52
3.4k
Designing for Performance
lara
610
69k
Embracing the Ebb and Flow
colly
87
4.8k
I Don’t Have Time: Getting Over the Fear to Launch Your Podcast
jcasabona
33
2.4k
How to Think Like a Performance Engineer
csswizardry
26
1.9k
No one is an island. Learnings from fostering a developers community.
thoeni
21
3.4k
Building an army of robots
kneath
306
46k
Producing Creativity
orderedlist
PRO
347
40k
Sharpening the Axe: The Primacy of Toolmaking
bcantrill
44
2.5k
The Art of Delivering Value - GDevCon NA Keynote
reverentgeek
15
1.7k
Transcript
Solving offline logout By Igor Wojda @igorwojda
Not so long long time ago...
Username & password Login request Other request Other request
Why this is not very secure?
Username & password
Solution?
Token 209eb9bb-2f6c-40d6-a9b9-912257492b61
Token
Token Renewal Timeout
Token per client
Token invalidate
Online Logout
Online logout Logout Request Additional operations
Offline Logout
Offline logout Logout Request X No network
Option 1 – delete device token instantly Logout Request X
No network
Option 2 – delete device token device when online Logout
Request X No network
Logout user latter using the token Remove token instantly Goals
Solution?
Token Logout token Authentication token
Token Press logout Is online? Delete authentication token Logout (hit
logout endpoint sending logout token) Job scheduler runs logout job Invalidate both tokens Unregister device from receiving notifications NO Schedule logout Job YES Is online? YES
• https://android.jlelse.eu/solving -offline-logout-problem- f3b50da49e7eTable salt • https://www.owasp.org/index.p hp/Session_Management_Cheat _Sheet#Session_Expiration •
https://security.stackexchange. com/questions/29988/what-is- certificate-pinning Materials Worth reading
Thanks! ANY QUESTIONS? You can find me at @igorwojda
[email protected]
igorwojda
mii3king
10xinc
mixi_engineers
lycorptech_jp
pei0804
error96num
ny7760
sue445
kitagawaz
nwiizo
sony
soudai
marktimemedia
philnash
lara
colly
jcasabona
csswizardry
thoeni
kneath
orderedlist
bcantrill
reverentgeek
![Thanks! ANY QUESTIONS? You can find me at @igorwojda [email protected]](https://files.speakerdeck.com/presentations/b8c4a9c8ad104b868ad42c65731a8a6a/slide_22.jpg){kind=link}