Upgrade to Pro
— share decks privately, control downloads, hide ads and more …
Speaker Deck
Features
Speaker Deck
PRO
Sign in
Sign up for free
Search
Search
Offline logout
Search
Igor Wojda
March 26, 2018
Technology
2
300
Offline logout
Interesting logout use case.
Igor Wojda
March 26, 2018
Tweet
Share
More Decks by Igor Wojda
See All by Igor Wojda
Harmonizing Kotlin codebase with Konsist
igorwojda
2
130
Droidcon 2020. Why We Need Clean Architecture
igorwojda
4
1.6k
Modern, maintainable and coRRRect project
igorwojda
0
150
Why do we need Clean Architecture
igorwojda
23
8.5k
Other Decks in Technology
See All in Technology
Unsafe.BitCast のすゝめ。
nenonaninu
0
200
When Windows Meets Kubernetes…
pichuang
0
310
Building Scalable Backend Services with Firebase
wisdommatt
0
110
JAWS-UG20250116_iOSアプリエンジニアがAWSreInventに行ってきた(真面目編)
totokit4
0
140
デジタルアイデンティティ人材育成推進ワーキンググループ 翻訳サブワーキンググループ 活動報告 / 20250114-OIDF-J-EduWG-TranslationSWG
oidfj
0
540
あなたの人生も変わるかも?AWS認定2つで始まったウソみたいな話
iwamot
3
860
GoogleのAIエージェント論 Authors: Julia Wiesinger, Patrick Marlow and Vladimir Vuskovic
customercloud
PRO
0
160
Copilotの力を実感! 3ヶ月間の生成AI研修の試行錯誤&成功事例をご紹介。果たして得たものとは・・?
ktc_shiori
0
350
20250116_JAWS_Osaka
takuyay0ne
2
200
Formal Development of Operating Systems in Rust
riru
1
420
新卒1年目、はじめてのアプリケーションサーバー【IBM WebSphere Liberty】
ktgrryt
0
130
RubyでKubernetesプログラミング
sat
PRO
4
160
Featured
See All Featured
ピンチをチャンスに:未来をつくるプロダクトロードマップ #pmconf2020
aki_iinuma
113
50k
Making the Leap to Tech Lead
cromwellryan
133
9k
The Pragmatic Product Professional
lauravandoore
32
6.4k
Easily Structure & Communicate Ideas using Wireframe
afnizarnur
192
16k
For a Future-Friendly Web
brad_frost
176
9.5k
Put a Button on it: Removing Barriers to Going Fast.
kastner
60
3.6k
A designer walks into a library…
pauljervisheath
205
24k
A Tale of Four Properties
chriscoyier
157
23k
Code Reviewing Like a Champion
maltzj
521
39k
Practical Orchestrator
shlominoach
186
10k
ReactJS: Keep Simple. Everything can be a component!
pedronauck
666
120k
RailsConf 2023
tenderlove
29
970
Transcript
Solving offline logout By Igor Wojda @igorwojda
Not so long long time ago...
Username & password Login request Other request Other request
Why this is not very secure?
Username & password
Solution?
Token 209eb9bb-2f6c-40d6-a9b9-912257492b61
Token
Token Renewal Timeout
Token per client
Token invalidate
Online Logout
Online logout Logout Request Additional operations
Offline Logout
Offline logout Logout Request X No network
Option 1 – delete device token instantly Logout Request X
No network
Option 2 – delete device token device when online Logout
Request X No network
Logout user latter using the token Remove token instantly Goals
Solution?
Token Logout token Authentication token
Token Press logout Is online? Delete authentication token Logout (hit
logout endpoint sending logout token) Job scheduler runs logout job Invalidate both tokens Unregister device from receiving notifications NO Schedule logout Job YES Is online? YES
• https://android.jlelse.eu/solving -offline-logout-problem- f3b50da49e7eTable salt • https://www.owasp.org/index.p hp/Session_Management_Cheat _Sheet#Session_Expiration •
https://security.stackexchange. com/questions/29988/what-is- certificate-pinning Materials Worth reading
Thanks! ANY QUESTIONS? You can find me at @igorwojda
[email protected]
igorwojda
nenonaninu
pichuang
wisdommatt
totokit4
oidfj
iwamot
.png){kind=avatar}
customercloud
ktc_shiori
takuyay0ne
riru
ktgrryt
sat
aki_iinuma
cromwellryan
lauravandoore
afnizarnur
brad_frost
kastner
pauljervisheath
chriscoyier
maltzj
shlominoach
pedronauck
tenderlove
![Thanks! ANY QUESTIONS? You can find me at @igorwojda [email protected]](https://files.speakerdeck.com/presentations/b8c4a9c8ad104b868ad42c65731a8a6a/slide_22.jpg){kind=link}