We’ve been working on a new session-manager module. This module allows CMS users to track and manage their Silverstripe CMS sessions created from using multiple devices.
A typical use case could be something like you lose your laptop and you’re afraid someone could use your browser session to access the CMS. In this scenario, you could log in from another device and invalidate your laptop session.
The most recent version is 0.3.0. We’re looking for more real-world usage and early adoption before we officially call it stable. We would love for people to try it out and let us know how it works for them. We’re especially interested in getting feedback from projects with customised login flows (e.g.: Intranets, LDAP/SAML).
To install session-manager you just need to run:
composer require silverstripe/session-manager
No further configuration steps are necessary and it should work out-of-the-box. You can configure a task to garbage collect expired sessions.
We’re expecting to tag a stable 1.0.0 version in a couple months when we release Silverstripe CMS 4.9.0. This module would become part of the official Silverstripe CMS installer.
If you need further information, you can read: