How can I force users to re-authenticate?

I want to force my users to re-authenticate after some period, e.g. 30 days. This is to make sure that employees who are no longer with my company always lose access eventually.

Is there a way to do this in JourneyApps?

There are a couple of APIs available for managing user authentication and sessions. You will need to create a Cloud Code task to make the API calls, which also gives you the flexibility to schedule the task as required.

  1. You will need to retrieve the user via the API. The response contains not only the user object but also the session objects related to that user. A user can have more than one session, depending on app-level configuration.
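  2. You will need to iterate over the user's sessions and set all of them to "Re-authenticate session" to force the user to log in again. Note that this only removes access for good if the person can no longer log in successfully, so a departed employee's login must also be disabled.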

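/**
 * Cloud Code task entry point: sets every session of one user to re-authenticate,
 * which signs the user out.
 *
 * Reads the backend base URL from `this.backend.url` and passes `this` on to the
 * `get` and `post` helpers, which read `this.backend.token`.
 *
 * @param {object} params - Task parameters; `params.user_id` is the ID of the user to sign out.
 * @returns {Promise<void>}
 * @throws {Error} If the user's sessions could not be retrieved, or if at least one
 *   session could not be set to re-authenticate. Failing loudly matters here: a
 *   revocation that silently did not happen leaves the user with access.
 */
export async function run(params) {

    console.log(params);

    // user_id arrives as a task parameter; encode it so it can only ever be a
    // single path segment of the request URL.
    const userUrl = `${this.backend.url}/users/${encodeURIComponent(params.user_id)}`;

    // Get the user and session via the API
    const _user = await get.call(this, userUrl);

    // On a failed request the get helper returns the raw Response instead of the
    // user, and that object has no `sessions` array to iterate.
    if (!_user || !Array.isArray(_user.sessions)) {
        throw new Error(`Could not retrieve sessions for user ${params.user_id}`);
    }

    let failedCount = 0;
    for (const session of _user.sessions) {

        // Set sessions to re-authenticate, signing out the user
        const sessionUrl = `${this.backend.url}/users/${encodeURIComponent(_user.id)}/sessions/${encodeURIComponent(session.id)}/re-authenticate`;
        const _response = await post.call(this, sessionUrl);
        console.log(_response);

        // Keep going so the remaining sessions are still attempted, but remember the failure.
        if (!_response || _response.status !== "success") {
            failedCount += 1;
        }
    }

    if (failedCount > 0) {
        throw new Error(`Failed to force re-authentication for ${failedCount} of ${_user.sessions.length} session(s) of user ${params.user_id}`);
    }

}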

/**
 * Sends a GET request to the backend API, authenticated with the backend token.
 *
 * Must be called with `this` bound to an object exposing `backend.token`
 * (the task calls it as `get.call(this, url)`).
 *
 * @param {string} url - URL to retrieve
 * @returns {Promise<object>} The parsed JSON body when the response is OK. Otherwise the
 *   status line is logged and the raw fetch Response is returned, so callers have to
 *   check which of the two they received.
 */
async function get(url) {
    const response = await fetch(url, {
        method: 'GET',
        headers: {
            'Authorization': `Token ${this.backend.token}`,
        },
    });

    if (!response.ok) {
        // Only the status line is logged; the token and the response body are not.
        console.log(`${response.status}: ${response.statusText}`);
        return response;
    }

    return await response.json();
}


/**
 * Sends a JSON POST request to the backend API, authenticated with the backend token.
 *
 * Must be called with `this` bound to an object exposing `backend.token`
 * (the task calls it as `post.call(this, url)`).
 *
 * @param {string} url - URL to post to
 * @param {object} body - Body to send; serialized with JSON.stringify
 * @returns {Promise<object>} `{ status: "success" }` when the response is HTTP 204, with
 *   a `data` property added if the response declares a JSON content type. For every
 *   other status the status line is logged and `{ status: "error", error }` is returned.
 */
async function post(url, body) {
    const response = await fetch(url, {
        method: 'POST',
        headers: {
            'Authorization': `Token ${this.backend.token}`,
            'Content-Type': 'application/json',
        },
        body: JSON.stringify(body),
    });

    // Success is strictly HTTP 204; any other status, other 2xx codes included,
    // is reported to the caller as an error.
    const succeeded = response.ok && response.status === 204;
    if (!succeeded) {
        console.log(`${response.status}: ${response.statusText}`);
        return { status: "error", error: `${response.status}: ${response.statusText}` };
    }

    const result = { status: "success" };

    // Attach the response payload only when the server says it sent JSON.
    const contentType = response.headers.get("content-type");
    if (contentType && contentType.includes("application/json")) {
        result.data = await response.json();
    }

    return result;
}

The documentation for the API can be found here (I recommend reading it before proceeding): https://docs.journeyapps.com/reference/backend-api/api-reference/manage-app-users-and-sessions
