All geek questions in one place

Cakephp prevents a user from logging in from multiple locations at once

I have a CakePHP 1.3.10 website with a login system using Auth. How can I prevent the same username / password for logging in from different places at the same time? It should work in such a way that when an already registered user logs in from another place, the first one is knocked out (so the latter can continue to use my site).

I am doing some research and I can’t find a “good enough” solution. It seems that simple will keep a boolean value up to 1 when the user logs in, but I don’t know what to do with it to make this work the way I describe.

The simple part is that when the user logs out, I change this value to 0. But what if he just closes the browser? And what should I do when the user logs in and the logical value is already set to 1? How do I hit the "old" user?

Any advice would be much appreciated ...

+3
source share
1 answer

To do this, modify the /core.php configuration to use database-driven sessions.

Configure::write('Session.save', 'database');

After that, also uncomment the following line:

 //Configure::write('Session.database', 'default');

Using the default database configuration is what you want in most cases.

Then prepare your database for hosting sessions using the Cake console:

 cake schema create Sessions

Finally, in your login action, check if a session already exists for the user who has just logged in and is invalid / removes his old session from the session table.

I have not used this method before, but I assume that the user ID / username is stored in the data field of the session table (it probably contains a serialized array or something like that).

+3
source

Source: https://habr.com/ru/post/921320/

More articles:


All Articles