Add Sessions Management feature document.

en/docs-nav.json

@@ -331,6 +331,10 @@
             {
               "text": "Linked Accounts",
               "path": "modules/account/linkedaccounts.md"
+            },
+            {
+              "text": "Session Management",
+              "path": "modules/account/session-management.md"
             }
           ]
         },
@@ -381,6 +385,10 @@
             {
               "text": "Two Factor Authentication",
               "path": "modules/identity/two-factor-authentication.md"
+            },
+            {
+              "text": "Session Management",
+              "path": "modules/identity/session-management.md"
             }
           ]
         },

en/modules/account/session-management.md

@@ -0,0 +1,13 @@
+# Session Management
+
+Session Management feature allows you to prevent concurrent login and manage user sessions.
+
+See the [Session Management](../identity/session-management.md) of Identity Pro document to learn more about this feature.
+
+## Manage my sessions
+
+As usual, you can view/manage your own sessions in the `My Sessions` page of the Account Pro module.
+
+![my-sessions](../../images/my-sessions.png)
+![my-sessions-list](../../images/my-sessions-list.png)
+![my-sessions-details](../../images/my-sessions-details.png)

en/modules/identity/session-management.md

@@ -0,0 +1,56 @@
+# Session Management
+
+The Session Management feature allows you to prevent concurrent login and manage user sessions.
+
+## Prevent concurrent login
+
+There is a setting in the identity section to prevent concurrent login. It has three options:
+
+1. `Disabled`
+
+    No restriction on concurrent login. This is the default.
+
+2. `LogoutFromSameTypeDevices`
+
+    Only one session of the same type can exist. 
+    `Same type` means we can restrict single login with a browser, but we may still can login with a mobile application without affecting the browser session. So, for each device type, we may allow a single login.
+
+3. `LogoutFromAllDevices`
+
+    All other sessions will be logged out when a new session is created.
+
+![prevent-concurrent-login](../../images/prevent-concurrent-login.png)
+
+## Manage user sessions
+
+You can view and manage user sessions on the `Users` page of the Identity module.
+
+![user-sessions](../../images/user-sessions.png)
+![sessions-modal.png](../../images/sessions-modal.png)
+![session-details-modal.png](../../images/session-details-modal.png)
+
+Once you revoke a session, the user will be logged out.
+
+## IdentitySessionCleanupBackgroundWorker
+
+The `IdentitySessionCleanupBackgroundWorker` is a background worker that will remove the sessions that have not been active in the past.
+
+###  IdentitySessionCleanupOptions
+
+* `IsCleanupEnabled`: Default value is `true`. 
+* `CleanupPeriod`: Default value is 1 hour.
+* `InactiveTimeSpan`: Default value is `30` days.
+
+## How it works
+
+This feature depends on the [Dynamic Claims](https://docs.abp.io/en/abp/latest/Dynamic-Claims) feature of the ABP framework. Here is how it works:
+
+* The `IdentitySessionClaimsPrincipalContributor` will generate a random GUID as a `sessionid` to add the `ClaimsPrincipal`, This usually happens when logging in to get the user's claims.
+* The `OnSignedIn` event of `Identity` and `ProcessSignIn` event of `OpenIddict` will get this `sessionid` and store it in the database (`IdentitySession` table).
+* The `Dynamic Claims` system's `IdentitySessionDynamicClaimsPrincipalContributor` will ensure the `sessionid` exists or signs out.
+* The `IdentitySessionChecker` will check the `sessionid` that exists and update the `LastAccessed` and `IpAddress`  to the cache.
+* The `IdentitySessionManager` is used to get one or a list of sessions and update the` LastAccessed` and `IpAddress` from the cache to the database.
+* The module will remove the session when logging out.
+* The `IdentitySessionCleanupBackgroundWorker` will remove the inactive sessions.
+* Once a new session has been created, we will remove the other sessions based on the `PreventConcurrentLogin` setting.
+* The `IdentitySessionManager` is used to manage/maintain the sessions. Please use this class instead of directly using the repository.