Two ways, delete their session file... unless you know their IP it might be hard to find the right one, so if its ok just delete them all.
The other way is a design thing. Add a column to the auth_user table that says "force_logout" that is a boolean type. If you just flag that to true, make the login mechanism sign them out and require them to sign back in. -- Thadeus On Thu, Aug 26, 2010 at 11:41 AM, Jean-Guy <jean...@gmail.com> wrote: > Hello, > > I would like to know how may I revoked a user logged in "server side"? > > Can I just edit app/sessions/file... And comment appropriate line? > > Which lines are the appropriate lines? ;-) > > Jonhy >
