app/stories/end-user/EU-001-multi-device-login.md
2025-11-30 15:01:28 +00:00

Multi-Device Login Sessions

ID: EU-001 Priority: High Status: Planned

User Story

As an end user, I want to stay logged in on multiple devices simultaneously so that I can access my account from my phone, tablet, and computer without being logged out elsewhere.

Acceptance Criteria

  • User can have active sessions on multiple devices at the same time
  • Each device gets its own refresh token
  • Logging out on one device does not affect sessions on other devices
  • User can see all active sessions in account settings
  • User can revoke individual sessions remotely

Technical Notes

  • Currently only one refresh token per login session is supported
  • Need to refactor LoginSession to support multiple refresh tokens
  • Consider storing device metadata (browser, OS, last active time) with each token
  • JWT blocklist needs to handle individual token revocation
  • ts/reception/classes.jwt.ts:39 - // TODO: handle multiple refresh tokens
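
A minimal sketch of the data model these notes point at, added here as an illustration and not taken from the project's code: one refresh token per device, device metadata stored with each token, and revocation of a single token. The class `MultiDeviceLoginSession`, its method names, and the use of opaque random tokens stored as SHA-256 hashes are assumptions, not the project's `LoginSession` API.

```typescript
import { createHash, randomBytes } from "node:crypto";

// Hypothetical shapes for illustration; not the project's LoginSession.
interface DeviceInfo { browser: string; os: string }
interface DeviceSession extends DeviceInfo { id: string; tokenHash: string; lastActive: Date }

const sha256 = (s: string): string => createHash("sha256").update(s).digest("hex");

class MultiDeviceLoginSession {
  // One entry per logged-in device, keyed by session id.
  private sessions = new Map<string, DeviceSession>();
  // Hashes of revoked refresh tokens: a per-token blocklist, not per-user.
  private blocklist = new Set<string>();

  // Issue a fresh refresh token for one device. Only its hash is stored,
  // so a leaked session table does not yield usable tokens.
  login(device: DeviceInfo): { sessionId: string; refreshToken: string } {
    const sessionId = randomBytes(8).toString("hex");
    const refreshToken = randomBytes(32).toString("base64url");
    const tokenHash = sha256(refreshToken);
    this.sessions.set(sessionId, { ...device, id: sessionId, tokenHash, lastActive: new Date() });
    return { sessionId, refreshToken };
  }

  // Return the owning session id, or null if the token is unknown or revoked.
  validate(refreshToken: string): string | null {
    const hash = sha256(refreshToken);
    if (this.blocklist.has(hash)) return null;
    for (const s of this.sessions.values()) {
      if (s.tokenHash === hash) {
        s.lastActive = new Date(); // feeds the "last active" column
        return s.id;
      }
    }
    return null;
  }

  // Local logout or remote revoke: affects exactly one device's token.
  revoke(sessionId: string): boolean {
    const s = this.sessions.get(sessionId);
    if (!s) return false;
    this.blocklist.add(s.tokenHash);
    return this.sessions.delete(sessionId);
  }

  // Data for the account settings page; token hashes are never exposed.
  list(): Array<Omit<DeviceSession, "tokenHash">> {
    return [...this.sessions.values()].map(({ tokenHash, ...rest }) => rest);
  }
}
```
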