- A list of auto login cookie keys the current user has shall be listed somewhere in the UCP.
- The option to delete/revoke any specific key shall be given to the user.
- It's currently not possible to delete auto login keys used on computers where you accidentally stayed logged in.
- Logout does only delete the key being used at the moment of logout (if any).
We currently (3.0.x) store the following data in the session key table.
I'd suggest to add
- The last IP this key has been used from
- The last User-Agent this key has been used from
A user interface / ucp module has to be written.