These recommendations are from @jlfranklin:
I think we should start by adding a way to explicitly expire other sessions, with permissions for admins to expire a single user's sessions and for a user to expire their own. if there is a contirb module that already adds a "logout other devices" buttons, we should consider pulling it into core. If not, it's a simple enough thing to write.
I don't think the right thing to do is to simply delete all sessions on password save. There should be some more administrator control over this. As a starting point, I'll propose this:
- Add a setting to the user or system modules (user.expire_sessions_on_password_change or similar), defaulting to TRUE.
- Add code to conditionally expire sessions on password change.
- Add an "Advanced Security" module that exposes the setting with a description detailing the risk.
- The "Logout other devices" button could be added to the Advanced Security module, too.
GitHub Issue #:
5545
Recent comments
Worked like a charm! Exactly what I envisioned... now I can edit the ruby text right in the editor, sweet:) Thank you! For those who may have a similar issue, try TinyMCE, create a new "text...
Specific tags to work in CKEditor 5
Yes, you can use TinyMCE on some content and CKEditor5 in others. There is no problem having both enabled on a system.
Specific tags to work in CKEditor 5
Thank you both for your suggestions. Yeah, I'll give TinyMCE a try... better than trying to fight that behemoth CKEditor 5. The TinyMCE page says it can "co-exist with CKEditor" which is...
Specific tags to work in CKEditor 5