question

GEQ API avatar image
GEQ API asked Phong Vu commented

Multi-user app logs other users out if one user logs out

I'm not sure how to start, but we have a node app that was built off the example oauth app from the dev guide. It's been built out to basically monitor the presence status of an extension, updating every 5 seconds. Multiple users should be able to login and their sessions are being stored using express-session and MySQL store.


It seemed to work fine but when testing with multiple users, if one user hits the /logout endpoint, then the other user(s) get logged out as well. I have no idea where to start with this or what could be causing it. Shouldn't each user have their own session tokens, I can see the sessions in the MySQL sessions table and it appears to create a new session for each login, but for some reason the tokens are revoked for all users when only one user hits logout.


I'm using this code for the /logout endpoint taken from the dev guide:

app.get("/logout", async function (req, res) {
    if (req.session.tokens != undefined) {
        const platform = rcsdk.platform();
        platform.auth().setData(req.session.tokens);
        if (platform.loggedIn()) {
            try {
                const resp = await platform.logout();
                console.log("logged out");
            } catch (e) {
                console.log(`/logout error:`, e.message);
            }
        }
        req.session.tokens = null;
    }
    res.redirect("/");
});

Please let me know if any more information is needed, I'm trying to figure it out and tweak things but I honestly have no idea if it's because platform.logout() will revoke all the tokens (which I think it shouldn't since each login has their own token pairs).

The app is pretty simple but it has this issue which pretty much makes it useless since all users have to relogin when one logs out.

The dev guide I followed to get the skeleton of the app:

https://developers.ringcentral.com/guide/authentication/quick-start

rest apiintegrationssdk
1 |3000

Up to 8 attachments (including images) can be used with a maximum of 1.0 MiB each and 10.0 MiB total.

1 Answer

Phong Vu avatar image
Phong Vu answered Phong Vu commented

I notice now that the sample code has some mistakes. You can fix it on your code by adding the 'await' keyword to the async function calls.

const platform = rcsdk.platform();
await platform.auth().setData(req.session.tokens);
if (await platform.loggedIn()) {
    try {
        const resp = await platform.logout();
        console.log("logged out");
    } catch (e) {
        console.log(`/logout error:`, e.message);
    }
}

For supporting multiple users read this section to set the SDK configurations.

4 comments
1 |3000

Up to 8 attachments (including images) can be used with a maximum of 1.0 MiB each and 10.0 MiB total.

I'm not sure I'm understanding the linked GH readme. Do I need to create an instance of the rcsdk for EACH user that will login? There's going to be 60 or so users that will be logging into this app. Shouldn't it handle multiple users and have their session data separate? Or do I have to instantiate 60 different rcsdk instances for each user that logs in?

In a node.js app this seems really weird. Maybe I'm just not clear on what the documentation is trying to convey.


0 Likes 0 ·

You don't have to use multiple instance of the SDK if you don't need to.

It's all depends on your implementation. Are you sure that if one of the user does not logout, other users are using their access tokens correctly and successfully? Share some more code about how to implement the login, save the tokens and set the token every time you call an API.

0 Likes 0 ·
GEQ API avatar image GEQ API Phong Vu ♦♦ ·

Is it possible I can message you the code privately? There's some stuff in there I wouldn't want public.

0 Likes 0 ·
Show more comments

Developer sandbox tools

Using the RingCentral Phone for Desktop, you can dial or receive test calls, send and receive test SMS or Fax messages in your sandbox environment.

Download RingCentral Phone for Desktop:

Tip: switch to the "sandbox mode" before logging in the app:

  • On MacOS: press "fn + command + f2" keys
  • On Windows: press "Ctrl + F2" keys