开发者

can we manage session for deleted user?

开发者 https://www.devze.com 2023-02-18 09:07 出处:网络
suppose user is accessing account at the same time admin delete his account then what should happen at front end? can user access his account or redirect to login page??

suppose user is accessing account at the same time admin delete his account then what should happen at front end? can user access his account or redirect to login page??

same if admin inactivated user what开发者_JS百科 should be happen there??

for web site


Depends entirely how you set it up. If you want it to automatically log him out you'd have to manually delete the session after you delete the user from the database.


Solution

  1. if user deleted logout and redirect user to one page and informed that account is deleted. inform to contact administrator
  2. if user inactive logout and redirect user to the login page or on some other page of the system and inform that his/her account is inactive. inform to contact administrator


You should be checking user session before any action performed by the user (I simply use the information in session to log them in 'again' and return relevant information back to the session, which makes it also easy to keep track of any account changes the user may have made), thus after admin deletes the account, once user attempts to do anything with is account, the login function/method, or whatever mechanism you use, should return false and set the session accordingly

0

精彩评论

暂无评论...
验证码 换一张
取 消