Multiple Sessions Logged Out Automatically
Iām working on a system where the same account can be logged in across multiple devices, tabs, and even different networks (with different IPs).
Usually, there are about 5ā6 devices connected at the same time using the same account.
The issue is: after some time, one or more devices get logged out automatically. In our use case, this behavior is not acceptable ā all sessions should stay active simultaneously.
š Has anyone faced a similar issue? What could be causing this? Is it related to session management, token expiration, or device/IP restrictions? And what would be the best approach to ensure that multiple logins stay active without being invalidated?
3 Replies
By default if one signs out they all get signed out. If it is signout being called then you can set the scope.
Otherwise if a refresh token is used twice then all sessions get signed out. That is usually buggy code or someone trying to steal a jwt/refresh pair which can only be used one time.
If you are not signing out then they should stay logged except of events like mentioned with the refresh token and I think email or password changes.
@Mari This usually happens if your backend is issuing a single active token per user check your session/token storage logic and allow multiple concurrent sessions
Okay, i try this, thanks guys.