How can I force users to re-authenticate?

I want to force my users to re-authenticate after some period e.g. 30 days. This is to make sure that employees that are no longer with my company always loose access eventually.

Is there a way to do this in JourneyApps?

There are a couple of API's available for managing user authentication and sessions. You will need to create a Cloud Code task to handle the API calls. This gives you the flexibility to schedule the task as required.

  1. You will need to retrieve the user via the API to not only get back a user object, but the session object related to the user. A user can have more than one session, depending on app level configuration.
  2. You will need to iterate over the user sessions and set all of them to Re-authenticate session to force a user to login.

export async function run(params) {

    console.log(params);

    // Get the user and session via the API

    let _user = await get.call(this, `${this.backend.url}/users/${params.user_id}`);

    for(let session of _user.sessions){

        // Set sessions to re-authenticate, signing out the user
        let _response = await post.call(this, `${this.backend.url}/users/${_user.id}/sessions/${session.id}/re-authenticate`);
        console.log(_response);
    }

}

/**
 * Get helper
 * @param {string} url - URL to retrieve
 */
async function get(url) {
    let options = {
        method: 'GET',
        headers: {
            'Authorization': `Token ${this.backend.token}`,
        }
    };
    let response = await fetch(url, options);
    if (response.ok) {
        let data = await response.json();
        return data;
    } else {
        console.log(`${response.status}: ${response.statusText}`);
        return response;
    }
}


/**
 * Post helper
 * @param {string} url - URL to post to
 * @param {object} body - Body to send
 */
async function post(url, body) {
    let options = {
        method: 'POST',
        headers: {
            'Authorization': `Token ${this.backend.token}`,
            'Content-Type': 'application/json'
        },
        body: JSON.stringify(body)
    };
    let response = await fetch(url, options);
    if (response.ok && response.status === 204) {
        let res = { status: "success" };
        // Check if there is data to attach to POST response
        const contentType = response.headers.get("content-type");
        if (contentType && contentType.indexOf("application/json") !== -1) {
            let data = await response.json();
            res.data = data;
        }
        return res;
    } else {
        console.log(`${response.status}: ${response.statusText}`);
        return { status: "error", error: `${response.status}: ${response.statusText}` };
    }
}

The documentation for the API can be found here (I would recommend reading the documents before proceeding): https://docs.journeyapps.com/reference/backend-api/api-reference/managing-app-users-and-sessions#application

9 Likes