Monitor and control user sessions across devices

Session Guard gives you complete visibility and control over user sessions. Track active devices, set session timeouts, implement concurrent session limits, and allow users to remotely log out from compromised devices. Perfect for applications that need fine-grained access control.

Every session is tracked with detailed metadata including IP address, device type, browser, location, and last activity timestamp. Users can view their active sessions in a dashboard and revoke access from any device with one click.

Integration

Session Guard integrates with ShipOS's authentication layer to provide enhanced session tracking without changing your existing login flow. Install our middleware and sessions are automatically monitored.

Key Features

Set global or per-user session limits. Implement idle timeouts that automatically log out inactive users. Configure session renewal policies that balance security with user experience. Enable suspicious activity detection that flags logins from new locations or devices.

import { SessionGuard } from '@sessionguard/sdk';

const guard = new SessionGuard({
  apiKey: process.env.SESSIONGUARD_KEY,
  maxConcurrentSessions: 3,
  idleTimeout: '30m',
  absoluteTimeout: '7d'
});

app.use(guard.middleware());

import { SessionGuard } from '@sessionguard/sdk';

const guard = new SessionGuard({
  apiKey: process.env.SESSIONGUARD_KEY,
  maxConcurrentSessions: 3,
  idleTimeout: '30m',
  absoluteTimeout: '7d'
});

app.use(guard.middleware());

import { SessionGuard } from '@sessionguard/sdk';

const guard = new SessionGuard({
  apiKey: process.env.SESSIONGUARD_KEY,
  maxConcurrentSessions: 3,
  idleTimeout: '30m',
  absoluteTimeout: '7d'
});

app.use(guard.middleware());

Security Features

Session Guard detects and prevents session hijacking attempts. Our system monitors for impossible travel scenarios where a user appears to log in from multiple distant locations within minutes. Automatic alerts notify users when new devices access their accounts.

All session data is encrypted and stored securely. Sessions can be configured to require re-authentication for sensitive actions. Integrate with your existing 2FA system for additional security layers.