javascript - How to detect another session is ongoing from another browser tab using Parse Server error

Question

I'm trying to auto logout an app if user logged in from another tab or browser. I'm using react-idle-timer and Parse Server.

I'm not sure if this line of code will be useful

Parse.Error.INVALID_SESSION_TOKEN

I can access session token via localStorage

  const res = await Parse.Cloud.run('login', values);
  console.log(res.session);

Answer 1

You can't differentiate a request from a different tab within the same browser. It will share the same session token and be indistinguishable from any other request. Requests made from different browsers will have different session tokens and if they store some user info you can determine which ones belong to which user.

If we reframe your question it sounds like you only want to allow for one active login per user. This requires a centralized or clustered session management solution that supports preventing multiple concurrent sessions.

If you will only ever have one backend server or you are using a shared database to store sessions, then you can do this a bit easier depending on what you are using for session management since all sessions will be available on the one server.

It is not clear to me if your users are connecting directly to parse server. If they are you will most likely need to modify parse-servers code directly to support this.

In general this is a silly idea. Unless you have a legal requirement to do so I would not advocate worrying about this. Bypassing this is usually as easy as copying around a session token.