These recommendations are from @jlfranklin:
I think we should start by adding a way to explicitly expire other sessions, with permissions for admins to expire a single user's sessions and for a user to expire their own. if there is a contirb module that already adds a "logout other devices" buttons, we should consider pulling it into core. If not, it's a simple enough thing to write.
I don't think the right thing to do is to simply delete all sessions on password save. There should be some more administrator control over this. As a starting point, I'll propose this:
- Add a setting to the user or system modules (user.expire_sessions_on_password_change or similar), defaulting to TRUE.
- Add code to conditionally expire sessions on password change.
- Add an "Advanced Security" module that exposes the setting with a description detailing the risk.
- The "Logout other devices" button could be added to the Advanced Security module, too.
GitHub Issue #:
5545
Recent comments
Thanks for responding. I was expecting that it be relatively easy to manage overlay layers (not the base layers that are indeed controlled form the Leaflet More Maps module's settings page)....
Layer management in Leaflet
We were able to add overlays and polygons to leaflet with a custom module as mentioned in https://github.com/backdrop-contrib/leaflet/issues/73#issuecomment-2907873081 with a combination of php...
Layer management in Leaflet
Hi jcesar, it may depend on what kind overlay you need. Overlays are supported in the Leaflet module. The submodule leaflet_more_maps ships with a lot of additional map types. And...
Layer management in Leaflet