Force user logout in all site copies in browser when logout action called (NODE)

Due to how the security provider works it is possible to open multiple copies of a site in different tabs and login to each with the same credentials.
But, when a user logs out in one tab they remain logged in in the other.

So the question is, anyone any ideas how to force logout in all tabs

I haven’t had to deal with this, but how about web sockets? When a user performs a logout push an event out to the appropriate sessions.

When that message is received, remove the security cookie, or perform a logout ( although that should probably be a different logout action to prevent a perpetual loop).

Just an idea, I’ve not tried any of this!

Yes that’s basically my thoughts.

  1. Add a field “force_logout” to user table
  2. Set it to true in logout action
  3. Have an SA in global’s which checks that flag and logs out if true
  4. Use socket to refresh when flag set.

That methods too complex.

  1. On logout SA, just emit message saying that tab needs to logout.
  2. Each tab will be connected & subscribed to the logout message.
  3. On receiving emit, each page will redirect to login page.