-
-
Notifications
You must be signed in to change notification settings - Fork 6.8k
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Revocable sessions #3616
Revocable sessions #3616
Conversation
Where should the maximum number of session be set? Was thinking of |
@sorin-davidoi Probably a config/initializers/ file. What maximum number of sessions do you mean though? Why should there be a maximum? |
With this modification, each login creates a new entry in the |
@sorin-davidoi I wonder if it would be more appropriate to store sessions in Redis rather than Postgres. |
Not familiar at all with Redis, but I guess that would make #3243 harder? We need to link the subscription to the session that created it, to make sure that they get deleted together. |
Added the configuration option (defaulting to a maximum of 10 active sessions per user). |
Anything else I can do here to help with this? |
It'd be cool to have some input from @mjankowski or @krainboltgreene on this, looks okay to me but perhaps they had to implement something similar for different applications. |
Rebased, moved the migration date to today (I guess this is the right thing, correct?). |
As discussed in #3243, this introduces revocable sessions as explained here.
Left to do:
config/environments
?)