Page 1 of 1
Restrict user session to one per login
Posted: 2019-11-29 23:57
by D Oliveira
Is there a way to log out a user if this same account has logged in somewhere else?
Re: Restrict user session to one per login
Posted: 2019-11-30 08:58
by D Oliveira
got overwhelmed with the research apparently cron jobs dont work that well for that feature, thinking about something like that now:
home.php
Code: Select all
if ( $ip_db1 == '' ){
$ip_db1 = $ip_self
}else{
if ( $ip_db2 == ''){
$ip_db2 = $ip_self
}
}
if ( $ip_self == $ip_db1 or $ip_self == $ip_db2){
// success
}else{
you can only be logged in 2 devices at a time.
Refresh connection
( you will have to wait 5 minutes for access ) // setlock = 1 // when lock = 1 show timer then setlock = '' after 5 min
}
// log out button
if ( $ip_self == $ip_db1 ){
$ip_db1 = ''
}
if ( $ip_self == $ip_db2 ){
$ip_db2 = ''
}
log out function
I wonder if IP addresses change constantly or if its safe to assume its gonna persist for that purpose
Re: Restrict user session to one per login
Posted: 2019-12-01 18:26
by a.gneady
You'd need to log user logins into a new database table, storing the user agent (which is more accurate than the IP address) ... The user agent is stored in $_SERVER['HTTP_USER_AGENT'] ... So, using the login_ok hook in hooks/__global.php, you should check the logins table to see if the current user has a session with the same user agent ... If she does, then she is logging from the same device and it's OK to proceed. If she does have a session, but with a different user agent, it means she's logged in from another device. In that case, you could log her out and display an error explaining that she can log in from only one device.