node.js - Node Express Session revocation on re-issue? -


using node v12, express 4, , connect-pg-simple

during our security evaluation discovered if user logs in successfully, , logs in again successfully, prior session remains valid.

i'd second login revoke first session. failure means user can logged-in in 2 different browsers.


Comments

Popular posts from this blog

twig - Using Twigbridge in a Laravel 5.1 Package -

jdbc - Not able to establish database connection in eclipse -

firemonkey - How do I make a beep sound in Android using Delphi and the API? -