Name of Feature/Request: Invalidate Sessions for a user - Needed if their account is compromised
What financial, time savings, or quality of life improvements will occur from this: A way to have an admin or the user log out of everything with Striven with one button | Frequency: Often enough | People are users, and there will be a person somewhere somehow that will have a compromised account. This happened yesterday to a Miles employee, but it will absolutely will happen to other users at some point in time
Attempted Solutions So Far: If we disable their Google Account or clear their Google session on the admin side, it will eventually (after 45 or more minutes) log them out of Striven. This is just too long
Well, we tried to uncheck the “System User” checkbox, and it did invalidate their sessions
It also removed them from every group or user role they were a member of. So we tested with Ray Gasnick, and we are now trying to remember all the things he was a member of
Also, it did not invalidate his sessions, it just made him not be able to get in when we had the box unchecked that he was a user. When we tested and had a laptop that was logged in, and then left there, then made him not a system user and checked on another computer he was logged out of that first one. But then after we made him a user account and made his main computer work, the laptop was also still able to work without re-logging him in.
So realistically, we just need a way to kill all sessions
Digging deep - Any additional Why behind this request / How was this accomplished before Striven in what system or software: Previously accomplished: Most systems have options to do this
StrivenID: 3370893