How to ban users

formatCvt · April 30, 2022, 3:12pm

We are looking for proper way to ban users.
Just call usersBanId isn’t enough. Looks like we should call sessionDisconnect, but how to get sessionId by userId we can’t find.

sean · May 3, 2022, 1:29pm

Hi @formatCvt I suggest doing the ban, logout and disconnect on the server via an RPC.

The steps will look like this:

A user with elevated privileges calls a custom server RPC supplying the userId
The RPC bans the user
Then calls sessionLogout with no session and refresh token which invalidates all the user’s session tokens
Then lists all their connections and call sessionDisconnect to disconnect the sockets (multiple devices)

For the last point, every connected socket has an automatic presence on a notification stream for that user ID (so if the user has 2 connected sockets, it’ll be 2 presences).

You can do a stream user list on stream with mode 0 and user ID as the subject nk.streamUserList({mode: 0, subject: userID}, true, true) and call sessionDisconnect to close all the sockets.

formatCvt · May 9, 2022, 9:06am

Thanks, but not working with 3.11.0 from dockehub because fixed later and not released yet Fix data returned by StreamUserList in JS runtime. · heroiclabs/nakama@c773c24 · GitHub

Topic		Replies	Views
How ban accounts properly and get notified? Runtime Framework getting-started	4	330	March 21, 2023
How to get account through deviceID at server runtime Runtime Framework	2	77	January 22, 2024
Preventing users from having multiple sessions Local Setup	13	2578	April 13, 2023
Get or ban user by custom id Runtime Framework server-framework , lua , users	2	347	September 29, 2022
How to get the full user list on the server Runtime Framework server-framework , authentication , typescript	8	305	August 22, 2023

How to ban users

Related Topics