Using this module you can allow your users the ability to view any sessions they currently have open on a Drupal site, and look at closing down any sessions they don't recognise. The goal of this module is to allow users to manage their sessions themselves without administrators needing to intervene.
This helps with security as users can remove any sessions from locations or devices that they don't recognise.
Usage
- Install the module as normal.
- Give the user roles you want to allow access to the sessions page the permission "inspect own users sessions".
- Users with the permission can now see the Session tab on their user profile screens. They can also access this directly at /user/[uid]/sessions.
- Users can delete any sessions they want, including the session they are currently using.
You can also assign the permission "inspect other user sessions" to certain roles who can view the sessions in use by other users. Use this permission sparingly though.
You can find a full write up of this module, including research, design and implementation in the article at https://www.hashbangcode.com/article/drupal-9-creating-session-inspector....
Plugin Modules
The following modules are available to format hostname and browser strings for this module.
Alternatives
The Session Limit module allows site administrators to set a limit on the number of sessions a user can have.
Supporting organizations:
Project information
- Project categories: Security, Access control
76 sites report using this module- Created by philipnorton42 on , updated
Stable releases for this project are covered by the security advisory policy.
Look for the shield icon below.
