Upgrade to Pro
— share decks privately, control downloads, hide ads and more …
Speaker Deck
Features
Speaker Deck
PRO
Sign in
Sign up for free
Search
Search
Offline logout
Search
Igor Wojda
March 26, 2018
Technology
2
330
Offline logout
Interesting logout use case.
Igor Wojda
March 26, 2018
Tweet
Share
More Decks by Igor Wojda
See All by Igor Wojda
Harmonizing Kotlin codebase with Konsist
igorwojda
2
200
Droidcon 2020. Why We Need Clean Architecture
igorwojda
4
1.6k
Modern, maintainable and coRRRect project
igorwojda
0
170
Why do we need Clean Architecture
igorwojda
23
8.8k
Other Decks in Technology
See All in Technology
バグと向き合い、仕組みで防ぐ
____rina____
0
250
エンタープライズ企業における開発効率化のためのコンテキスト設計とその活用
sergicalsix
1
330
メタプログラミングRuby問題集の活用
willnet
2
770
Introducing RFC9111 / YAPC::Fukuoka 2025
k1low
1
210
“それなりに”安全なWebアプリケーションの作り方
xryuseix
0
290
コミュニティと共に変化する 私とFusicの8年間
ayasamind
0
450
【Android】テキスト選択色の問題修正で心がけたこと
tonionagauzzi
0
130
マウントとるやつ、リリースするやつ
otsuki
1
120
マーケットプレイス版Oracle WebCenter Content For OCI
oracle4engineer
PRO
3
1.3k
Data & AIの未来とLakeHouse
ishikawa_satoru
0
720
Master Dataグループ紹介資料
sansan33
PRO
1
3.9k
やり方は一つだけじゃない、正解だけを目指さず寄り道やその先まで自分流に楽しむ趣味プログラミングの探求 2025-11-15 YAPC::Fukuoka
sugyan
1
280
Featured
See All Featured
How To Stay Up To Date on Web Technology
chriscoyier
791
250k
Practical Tips for Bootstrapping Information Extraction Pipelines
honnibal
24
1.5k
Bash Introduction
62gerente
615
210k
Rails Girls Zürich Keynote
gr2m
95
14k
Build The Right Thing And Hit Your Dates
maggiecrowley
38
2.9k
The MySQL Ecosystem @ GitHub 2015
samlambert
251
13k
We Have a Design System, Now What?
morganepeng
54
7.9k
ReactJS: Keep Simple. Everything can be a component!
pedronauck
666
130k
Side Projects
sachag
455
43k
Practical Orchestrator
shlominoach
190
11k
Speed Design
sergeychernyshev
32
1.2k
Into the Great Unknown - MozCon
thekraken
40
2.1k
Transcript
Solving offline logout By Igor Wojda @igorwojda
Not so long long time ago...
Username & password Login request Other request Other request
Why this is not very secure?
Username & password
Solution?
Token 209eb9bb-2f6c-40d6-a9b9-912257492b61
Token
Token Renewal Timeout
Token per client
Token invalidate
Online Logout
Online logout Logout Request Additional operations
Offline Logout
Offline logout Logout Request X No network
Option 1 – delete device token instantly Logout Request X
No network
Option 2 – delete device token device when online Logout
Request X No network
Logout user latter using the token Remove token instantly Goals
Solution?
Token Logout token Authentication token
Token Press logout Is online? Delete authentication token Logout (hit
logout endpoint sending logout token) Job scheduler runs logout job Invalidate both tokens Unregister device from receiving notifications NO Schedule logout Job YES Is online? YES
• https://android.jlelse.eu/solving -offline-logout-problem- f3b50da49e7eTable salt • https://www.owasp.org/index.p hp/Session_Management_Cheat _Sheet#Session_Expiration •
https://security.stackexchange. com/questions/29988/what-is- certificate-pinning Materials Worth reading
Thanks! ANY QUESTIONS? You can find me at @igorwojda
[email protected]
igorwojda
____rina____
sergicalsix
willnet
k1low
xryuseix
ayasamind
tonionagauzzi
otsuki
oracle4engineer
ishikawa_satoru
sansan33
sugyan
chriscoyier
honnibal
62gerente
gr2m
maggiecrowley
samlambert
morganepeng
pedronauck
sachag
shlominoach
sergeychernyshev
thekraken
![Thanks! ANY QUESTIONS? You can find me at @igorwojda [email protected]](https://files.speakerdeck.com/presentations/b8c4a9c8ad104b868ad42c65731a8a6a/slide_22.jpg){kind=link}