hi fjinc
You can use
IIdentitySessionRepository
to remove all user sessions.https://github.com/abpframework/abp/blob/dev/modules/identity/src/Volo.Abp.Identity.EntityFrameworkCore/Volo/Abp/Identity/EntityFrameworkCore/EfCoreIdentitySessionRepository.cs#L90-L94
Thanks maliming. I'm more suggesting a new ABP feature by adding to the existing setting management for Session management I'm aware we can make extensions to add this behaviour ourselves but it seems that it would be a useful feature to have for other people too.
i.e. on this session setting page, as the host tenant admin user, I can enable settings to apply for all users of all tenancies
hi fjinc
across all tenants and their users from the Host tenant?
By default, users will not be across tenants. Can you explain it in detail?
Hi maliming, What I mean is, as the Host tenant, I want to enforce all users across the application to use a specific session setting (eg 'Logout from all devices') so that I can force all the users of my application to have better security practices
At the moment, I can only enforce this for the users of my tenancy which means to enforce for users in another tenant I have to impersonate the tenant admin and set the setting. It would be useful if we can do this all from our Host tenant admin account.
Hi We've recently upgraded our ABP version to v8.2 and we're excited to try the new Session management - particularly being able to enforce all user's of the application to have only one user on one device at any time.
Our application is a tenanted one, I wonder if it would be possible to add to the Session setting page the ability to enforce the same session management across all tenants and their users from the Host tenant?
Great thank you, please let me know what version the fix will be included in.
Hi,
Yes, that's is. I will create an internal issue to fix it; thanks.
Hi liangshiwei, Has there been any update on this / eta for when it will be fixed?
ERROR Error: Uncaught (in promise): Wrong nonce: undefined