duanen19871021 2016-07-02 23:39
浏览 14
已采纳

仅允许用户的一个实例登录到网站

At the moment, in my website several people could technically log in using the same username and password at the same time on different machines.

I want to make it so that if someone logs in then it automatically ends any session associated with that user. That way, only one instance of a particular user can be logged in at any one time.

I'm trying to figure out how to implement this. How can someone logging in and creating a new session destroy a specific session on a different machine?

  • 写回答

1条回答 默认 最新

  • dooo61733 2016-07-02 23:44
    关注

    Add a field called "login_token" (make it a randomly generated string) and each time the user logs in, generate a new string and update the login_token field. Also store the login_token in the session. If a users session login_token value does not match that of the one in the database then kill the session.

    本回答被题主选为最佳回答 , 对您是否有帮助呢?
    评论

报告相同问题?

悬赏问题

  • ¥15 poi合并多个word成一个新word,原word中横版没了.
  • ¥15 【火车头采集器】搜狐娱乐这种列表页网址,怎么采集?
  • ¥15 求MCSCANX 帮助
  • ¥15 机器学习训练相关模型
  • ¥15 Todesk 远程写代码 anaconda jupyter python3
  • ¥15 我的R语言提示去除连锁不平衡时clump_data报错,图片以下所示,卡了好几天了,苦恼不知道如何解决,有人帮我看看怎么解决吗?
  • ¥15 在获取boss直聘的聊天的时候只能获取到前40条聊天数据
  • ¥20 关于URL获取的参数,无法执行二选一查询
  • ¥15 液位控制,当液位超过高限时常开触点59闭合,直到液位低于低限时,断开
  • ¥15 marlin编译错误,如何解决?