Upgrade to Pro
— share decks privately, control downloads, hide ads and more …
Speaker Deck
Features
Speaker Deck
PRO
Sign in
Sign up for free
Search
Search
Offline logout
Search
Sponsored
·
Ship Features Fearlessly
Turn features on and off without deploys. Used by thousands of Ruby developers.
→
Igor Wojda
March 26, 2018
Technology
360
2
Share
Embed
Copy iframe code
Copy JS code
Copy link
Start on current slide
Offline logout
Interesting logout use case.
Igor Wojda
March 26, 2018
More Decks by Igor Wojda
See All by Igor Wojda
Harmonizing Kotlin codebase with Konsist
igorwojda
2
250
Droidcon 2020. Why We Need Clean Architecture
igorwojda
4
1.7k
Modern, maintainable and coRRRect project
igorwojda
0
190
Why do we need Clean Architecture
igorwojda
23
8.9k
Other Decks in Technology
See All in Technology
ぼっちではじめた登壇が「51名」「241件」の発信に化けた
subroh0508
1
250
Oracle AI Database@AWS:サービス概要のご紹介
oracle4engineer
PRO
4
3k
インシデントレスポンス演習 I / Incident Response Exercise I
ks91
PRO
0
100
秘密度ラベル初心者が第1歩でつまづかないための「設計・運用」ポイント
seafay
PRO
0
250
ザ・データベース、MySQL ~ OSC 2026 Sendai ~
sakaik
0
140
脆弱性対応、どこで線を引くか
rymiyamoto
1
420
2026TECHFRESH畢業分享會 - AI 時代的人生存檔點
line_developers_tw
PRO
0
1.3k
【Cyber-sec+】経営層を"動かす"ための考え方
hssh2_bin
0
200
20260619 私の日常業務での生成 AI 活用
masaruogura
1
230
When Platform Engineering Meets GenAI
sucitw
0
130
AWS Security Hub CSPMの成功・失敗体験
cmusudakeisuke
0
270
スタートアップにAmazon EKSは早すぎる? マルチプロダクト戦略を加速する Platform Engineeringの実践 / Is Amazon EKS Too Soon for Startups? Practical Platform Engineering to Accelerate a Multi-Product Strategy
elmodev09
1
400
Featured
See All Featured
Testing 201, or: Great Expectations
jmmastey
46
8.2k
A brief & incomplete history of UX Design for the World Wide Web: 1989–2019
jct
2
400
Un-Boring Meetings
codingconduct
0
320
Believing is Seeing
oripsolob
1
150
Odyssey Design
rkendrick25
PRO
2
700
Beyond borders and beyond the search box: How to win the global "messy middle" with AI-driven SEO
davidcarrasco
3
160
[RailsConf 2023] Rails as a piece of cake
palkan
59
6.7k
Conquering PDFs: document understanding beyond plain text
inesmontani
PRO
4
2.8k
WCS-LA-2024
lcolladotor
0
650
How GitHub (no longer) Works
holman
316
150k
Fantastic passwords and where to find them - at NoRuKo
philnash
52
3.7k
Leading Effective Engineering Teams in the AI Era
addyosmani
9
2.1k
Transcript
Solving offline logout By Igor Wojda @igorwojda
Not so long long time ago...
Username & password Login request Other request Other request
Why this is not very secure?
Username & password
Solution?
Token 209eb9bb-2f6c-40d6-a9b9-912257492b61
Token
Token Renewal Timeout
Token per client
Token invalidate
Online Logout
Online logout Logout Request Additional operations
Offline Logout
Offline logout Logout Request X No network
Option 1 – delete device token instantly Logout Request X
No network
Option 2 – delete device token device when online Logout
Request X No network
Logout user latter using the token Remove token instantly Goals
Solution?
Token Logout token Authentication token
Token Press logout Is online? Delete authentication token Logout (hit
logout endpoint sending logout token) Job scheduler runs logout job Invalidate both tokens Unregister device from receiving notifications NO Schedule logout Job YES Is online? YES
• https://android.jlelse.eu/solving -offline-logout-problem- f3b50da49e7eTable salt • https://www.owasp.org/index.p hp/Session_Management_Cheat _Sheet#Session_Expiration •
https://security.stackexchange. com/questions/29988/what-is- certificate-pinning Materials Worth reading
Thanks! ANY QUESTIONS? You can find me at @igorwojda
[email protected]
igorwojda
subroh0508
oracle4engineer
ks91
seafay
sakaik
rymiyamoto
line_developers_tw
hssh2_bin
masaruogura
sucitw
cmusudakeisuke
elmodev09
jmmastey
jct
codingconduct
oripsolob
rkendrick25
davidcarrasco
palkan
inesmontani
lcolladotor
holman
philnash
addyosmani
![Thanks! ANY QUESTIONS? You can find me at @igorwojda [email protected]](https://files.speakerdeck.com/presentations/b8c4a9c8ad104b868ad42c65731a8a6a/slide_22.jpg){kind=link}