How to force logout a specific user

Today, a suspicious user created several accounts on my app and used my email sending service (i use Postmark under the hood through an API) to send spam emails to people. I have a WF in place to prevent blacklisted users from logging in again (i mark a field that I created and that is called “blacklisted” within the User thing as “yes”).
But how can i force logout a specific user while they are logged in and using my app?

Hi there, @42.decaen… if you are just trying to log that specific user out, you should be able to use the Run as feature from the App data tab in the live environment to run as that user and then log out. Is that what you mean?

Best…
Mike

Wouldn’t you want to prevent them from even logging in, in the first place?
You can make it so when a user is “blacklisted” or IP banned, they will not be able to login, or when they are banned, or “blacklisted” a triggered BE workflow will run and log the user out.

Pretty simple, let me know if you need more guidance.

My understanding is that the user is already logged in, and even though OP has set a field on the user to blacklist them (which will prevent them from logging in again), they still have to log them out of the initial session (which was initiated before they were blacklisted).

There is a log the user out action. I think you can use it as soon as you blacklist the user (for example, using DB trigger to make it instant)

@GH5T yes, my issue is that the suspicious user that I am blacklisting is already logged in and is taking undesirable actions. As they are taking those actions in my app, i want to force log them out.

I was thinking, maybe if I use a WF to reset their password, that would log them out? I need to check that.

What you can do is place the action “Log out other user’s sessions” as last step of you login workflow.

This action lets you log out all sessions of the current user, except the one where the user triggers this action.

image

Now, you just need to open you App Data, switch to Live Mode, choose the specific user and click in Run As. Doing this, you will be logging him out.

1 Like

Very nice trick! Thank you @rpetribu

1 Like

This topic was automatically closed after 70 days. New replies are no longer allowed.