Account Disabled wont work when authenticated
Closed this issue · 2 comments
If a user has successfully logged in and is authenticated, then someone else incorrectly logs in several times and the account gets disabled. The already authenticated user can still close and reopen the tab to access their dashboard.
Solution: in the /student endpoint add a check to see if account is disabled, therefor when the authenticated user closes the browser or refreshes the active dashboard tab, they'll be blocked to retrieve their account information and redirect to login page.
Possibly able to communicate from api to front end using sockets to immediately deauthorize any previously authenticated user who's account has become disabled.
Solved in last commit
Still could add sockets to immediately deauthorize any authenticated user who's account becomes disable.