Upgrade to Pro
— share decks privately, control downloads, hide ads and more …
Speaker Deck
Features
Speaker Deck
PRO
Sign in
Sign up for free
Search
Search
Offline logout
Search
Igor Wojda
March 26, 2018
Technology
350
2
Share
Offline logout
Interesting logout use case.
Igor Wojda
March 26, 2018
More Decks by Igor Wojda
See All by Igor Wojda
Harmonizing Kotlin codebase with Konsist
igorwojda
2
250
Droidcon 2020. Why We Need Clean Architecture
igorwojda
4
1.7k
Modern, maintainable and coRRRect project
igorwojda
0
190
Why do we need Clean Architecture
igorwojda
23
8.9k
Other Decks in Technology
See All in Technology
Unlocking the Apps
pimterry
0
140
探して_入れて_作って_使う_Agent_Skills___LT.pdf
peintangos
2
110
Platform Engineering as a Product: Criteria for Improvement and Multi-Tenant Design
kumorn5s
0
420
Agentic AI時代における メルカリのAIガバナンスとガードレール実装
naoichihara
17
17k
APIテストとは?
nagix
0
160
オンコールの負荷軽減のためのBits Assistant 活用方法 / How to Use Bits Assistant to Reduce the Workload on On-Call Staff
sms_tech
1
350
Amazon Bedrock 経由の Claude Cowork を試してみよう・MCP にも繋いでみよう
sugimomoto
0
290
Diagnosing performance problems without the guesswork
elenatanasoiu
0
130
string地獄を脱出する
sansantech
PRO
1
110
マーケットプレイス版Oracle WebCenter Content For OCI
oracle4engineer
PRO
5
1.7k
Generative UI × A2UI で AI エージェントを作った話 AI-DLC も使ってみた!
kmiya84377
1
290
大学生が本気でDatabricksを活用してDiscordサークルをデータ駆動させてみた
phantomjuju
1
300
Featured
See All Featured
Bootstrapping a Software Product
garrettdimon
PRO
307
120k
Building an army of robots
kneath
306
46k
Code Reviewing Like a Champion
maltzj
528
40k
Marketing to machines
jonoalderson
1
5.3k
No one is an island. Learnings from fostering a developers community.
thoeni
21
3.7k
SERP Conf. Vienna - Web Accessibility: Optimizing for Inclusivity and SEO
sarafernandez
2
1.5k
Heart Work Chapter 1 - Part 1
lfama
PRO
7
36k
Google's AI Overviews - The New Search
badams
0
1k
The Art of Delivering Value - GDevCon NA Keynote
reverentgeek
16
2k
Rebuilding a faster, lazier Slack
samanthasiow
85
9.5k
Facilitating Awesome Meetings
lara
57
6.9k
Fight the Zombie Pattern Library - RWD Summit 2016
marcelosomers
234
17k
Transcript
Solving offline logout By Igor Wojda @igorwojda
Not so long long time ago...
Username & password Login request Other request Other request
Why this is not very secure?
Username & password
Solution?
Token 209eb9bb-2f6c-40d6-a9b9-912257492b61
Token
Token Renewal Timeout
Token per client
Token invalidate
Online Logout
Online logout Logout Request Additional operations
Offline Logout
Offline logout Logout Request X No network
Option 1 – delete device token instantly Logout Request X
No network
Option 2 – delete device token device when online Logout
Request X No network
Logout user latter using the token Remove token instantly Goals
Solution?
Token Logout token Authentication token
Token Press logout Is online? Delete authentication token Logout (hit
logout endpoint sending logout token) Job scheduler runs logout job Invalidate both tokens Unregister device from receiving notifications NO Schedule logout Job YES Is online? YES
• https://android.jlelse.eu/solving -offline-logout-problem- f3b50da49e7eTable salt • https://www.owasp.org/index.p hp/Session_Management_Cheat _Sheet#Session_Expiration •
https://security.stackexchange. com/questions/29988/what-is- certificate-pinning Materials Worth reading
Thanks! ANY QUESTIONS? You can find me at @igorwojda
[email protected]
igorwojda
pimterry
peintangos
kumorn5s
naoichihara
nagix
sms_tech
sugimomoto
elenatanasoiu
sansantech
oracle4engineer
kmiya84377
phantomjuju
garrettdimon
kneath
maltzj
jonoalderson
thoeni
sarafernandez
lfama
badams
reverentgeek
samanthasiow
lara
marcelosomers
![Thanks! ANY QUESTIONS? You can find me at @igorwojda [email protected]](https://files.speakerdeck.com/presentations/b8c4a9c8ad104b868ad42c65731a8a6a/slide_22.jpg){kind=link}