web-push-libs / web-push-php

Web Push library for PHP
MIT License

Shared device question #356

Closed stefanKP50 closed 4 months ago

stefanKP50 commented 2 years ago

As I understood, endpoint is done against browser. So what happens if 2 users use the same browser?

user1 subscribes to notifications, then logs out. user2 uses the same device (let's say a desktop) and the same browser and subscribes to notifications. user2 will receive user1's notifications! Coming back, user1 will receive user2's notifications... I know a solution could be to unregister the service worker on user1 logout, but what about session expiration and/or a user who has not logged out (just closed the PWA)? And I imagine unregistering the SW could have related misconfiguration (no more notifications?)

I'm not sure I'm being clear, but has anyone had to take care of this situation? Thanks

MaartenW commented 2 years ago

These are "desktop" notifications, so if they use the same OS account, sharing the "desktop", making a distinction between users is not going to be an easy feat. WebPush is especially useful when the user is not logged in or on your website/app. But that is exactly the moment you cannot be sure if the subscribing user is still the user using the desktop. OS accounts (or device profiles) fix this. It doesn't matter if they use the same binary.

stefanKP50 commented 2 years ago

Thanks @MaartenW. In fact, I only send notifications when the user is logged in (endpoint + userId is my key). But webpush only interacts with the endpoint. Sure, I have to investigate in the service worker, in the push event, to check that the user is logged in before displaying the notification?
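
The push-event check raised in the last comment, sketched as an added example (not code from this thread or from web-push-php): the service worker reveals a notification's content only when the `userId` carried in the payload matches the user currently signed in, and otherwise shows a generic notice. The payload fields, the `/api/session` endpoint and its `expiresAt` field are assumptions made for the example.

```javascript
// Added example. Assumed (not from the thread or web-push-php): payload shape
// { userId, title, body } and a same-origin GET /api/session -> { userId, expiresAt }.

// Non-sensitive fallback. Subscriptions made with userVisibleOnly: true are
// expected to show something for every push, so a mismatch is not silently dropped.
const GENERIC = { title: 'New activity', options: { body: 'Sign in to view it.', tag: 'generic' } };

// Pure decision: reveal content only if the push targets the currently signed-in user.
function chooseNotification(payload, session, now) {
  if (!payload || typeof payload.userId !== 'string') return GENERIC;
  if (!session || session.userId !== payload.userId) return GENERIC; // other user or nobody
  if (typeof session.expiresAt !== 'number' || session.expiresAt <= now) return GENERIC; // expired
  return {
    title: String(payload.title),
    options: { body: String(payload.body), tag: 'user-' + payload.userId },
  };
}

// Ask the server who is signed in; any failure counts as "nobody".
async function currentSession(fetchImpl) {
  try {
    const res = await fetchImpl('/api/session', { credentials: 'same-origin', cache: 'no-store' });
    return res.ok ? await res.json() : null;
  } catch (err) {
    return null;
  }
}

async function handlePush(data, deps) {
  let payload = null;
  try { payload = data ? data.json() : null; } catch (err) { payload = null; }
  const session = await currentSession(deps.fetch);
  const chosen = chooseNotification(payload, session, deps.now());
  await deps.show(chosen.title, chosen.options);
  return chosen;
}

// Service worker wiring; skipped when the file is loaded outside a worker.
if (typeof self !== 'undefined' && self.registration) {
  self.addEventListener('push', (event) => {
    event.waitUntil(handlePush(event.data, {
      fetch: (url, init) => fetch(url, init),
      now: () => Date.now(),
      show: (title, options) => self.registration.showNotification(title, options),
    }));
  });
}
```

The check covers the session-expiry and closed-PWA cases from the first post because it is evaluated at delivery time, not at logout.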