What I see as a cool feature would be to create a set of flags of 'potentially undesirable behaviour'. Each time something 'unusual' occurs, a flag on that session is set. The user of the library can then define a threshold on which they will act.
Examples of 'potentially undesirable behaviour' include:
- IP block change (still in same subnet, vs completely new range)
- Geolocation change greater than x (miles?)
- Browser string changes (different browser, vs different version of same browser, vs minor string change)
- No activity in the last x minutes
- Last authenticated y minutes ago (nb: distinct from last activity)
Each change, in isolation, is typically insufficient to trigger any significant reaction if the session ID is intact, though cumulatively they reach a (configurable) threshold that a dev is not comfortable with.
An example of this in action is Amazon: when inactive for a period of time, your session remains active. To do anything of consequence while in this 'logged in but not authenticated' state (e.g. make a purchase / edit account settings) requires (re)authentication.
In summary, I suggest that we implement a set of flags of suspicious behaviour on which users of the library can define thresholds they are comfortable with / will take action on.
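The flag-and-threshold scheme sketched above, written out as an added example (this is not code from the issue or from the library being discussed). It assumes a hypothetical `Policy` with per-flag weights, a score threshold, a geolocation distance limit, idle and authentication-age limits and a /24 notion of "same subnet"; the weights, limits and the simplified `Browser/major.minor` user-agent format are constructed for the demo, not values any real deployment would take as given. Each unusual observation sets a flag on the session; flags accumulate until a fresh login clears them, and the application decides (via `needs_reauth`) when the cumulative score crosses the threshold it configured.

```python
"""Cumulative 'suspicious behaviour' flags on a session (added example, hypothetical API)."""
import math
import re
from dataclasses import dataclass, field
from datetime import datetime, timedelta, timezone
from ipaddress import ip_address, ip_network

# Constructed weights: a library user would tune these per deployment.
DEFAULT_WEIGHTS = {
    "ip_same_subnet": 1,        # moved within the same /24
    "ip_new_range": 3,          # moved to a completely different range
    "geo_jump": 3,              # geolocation moved further than the limit
    "ua_minor_change": 1,       # same browser and major version, string differs
    "ua_version_change": 2,     # same browser, different major version
    "ua_different_browser": 4,  # different browser product entirely
    "idle_too_long": 2,         # no activity for longer than idle_limit
    "auth_too_old": 2,          # last authentication older than auth_max_age
}


@dataclass
class Policy:
    """Hypothetical configuration object; all defaults are constructed for the demo."""
    weights: dict = field(default_factory=lambda: dict(DEFAULT_WEIGHTS))
    threshold: int = 4                      # score at which the app should force re-auth
    geo_limit_miles: float = 300.0
    idle_limit: timedelta = timedelta(minutes=30)
    auth_max_age: timedelta = timedelta(hours=12)
    subnet_prefix: int = 24


@dataclass
class Session:
    ip: str
    lat: float
    lon: float
    user_agent: str
    last_activity: datetime
    last_authenticated: datetime
    flags: set = field(default_factory=set)  # flags persist until re-authentication


def haversine_miles(lat1, lon1, lat2, lon2):
    """Great-circle distance in miles between two lat/lon points."""
    r = 3958.8
    p1, p2 = math.radians(lat1), math.radians(lat2)
    dphi, dlam = p2 - p1, math.radians(lon2 - lon1)
    a = math.sin(dphi / 2) ** 2 + math.cos(p1) * math.cos(p2) * math.sin(dlam / 2) ** 2
    return 2 * r * math.asin(math.sqrt(a))


def classify_ip_change(old_ip, new_ip, prefix):
    """None if unchanged, else whether the new address is in the old address's subnet."""
    if old_ip == new_ip:
        return None
    old_net = ip_network(f"{old_ip}/{prefix}", strict=False)
    return "ip_same_subnet" if ip_address(new_ip) in old_net else "ip_new_range"


# Simplified UA format assumed for the demo: "<Product>/<major>.<minor> (...)".
_UA = re.compile(r"^(\w+)/(\d+)")


def classify_ua_change(old_ua, new_ua):
    """Grade a browser-string change from 'minor' up to 'different browser'."""
    if old_ua == new_ua:
        return None
    old, new = _UA.match(old_ua), _UA.match(new_ua)
    if not old or not new or old.group(1) != new.group(1):
        return "ua_different_browser"
    if old.group(2) != new.group(2):
        return "ua_version_change"
    return "ua_minor_change"


def score(session, policy):
    """Cumulative score over every flag set on the session so far."""
    return sum(policy.weights.get(f, 0) for f in session.flags)


def needs_reauth(session, policy):
    return score(session, policy) >= policy.threshold


def observe_request(session, policy, now, ip, lat, lon, user_agent):
    """Set flags for anything unusual about this request; return the cumulative score."""
    new_flags = set()
    ip_flag = classify_ip_change(session.ip, ip, policy.subnet_prefix)
    if ip_flag:
        new_flags.add(ip_flag)
    if haversine_miles(session.lat, session.lon, lat, lon) > policy.geo_limit_miles:
        new_flags.add("geo_jump")
    ua_flag = classify_ua_change(session.user_agent, user_agent)
    if ua_flag:
        new_flags.add(ua_flag)
    if now - session.last_activity > policy.idle_limit:
        new_flags.add("idle_too_long")
    if now - session.last_authenticated > policy.auth_max_age:
        new_flags.add("auth_too_old")
    session.flags |= new_flags
    # Record what we saw so the next request is compared against this one.
    session.ip, session.lat, session.lon, session.user_agent = ip, lat, lon, user_agent
    session.last_activity = now
    return score(session, policy)


def reauthenticate(session, now):
    """A fresh login clears the accumulated flags, as in the Amazon example."""
    session.flags.clear()
    session.last_authenticated = now
    session.last_activity = now
```

The session keeps its ID throughout; nothing here invalidates it. The only decision the library hands back is the score, and the application chooses what "of consequence" means (checkout, settings changes) and gates those actions on `needs_reauth`, exactly as the issue proposes.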