0

Using node v12, Express 4, and connect-pg-simple

During our security evaluation is was discovered that if a user logs in successfully, and logs in again successfully, that the prior session remains valid.

I'd like for the second login to revoke the first session. Failure to do so means the user can be logged-in in two different browsers.

user9170
  • 950
  • 9
  • 18
  • This does not appear to be a supported feature of connect-pg-simple. So, what exactly is your question? Do you want to find a different way of doing sessions that has this feature? Do you want to modify connect-pg-simple to add this capability? – jfriend00 Jun 19 '15 at 15:52
  • Either would be fine. If one doesn't exist, I could code it, if I knew how. – user9170 Jun 22 '15 at 18:06

0 Answers0