duanen19871021 2016-07-02 23:39
浏览 14
已采纳

仅允许用户的一个实例登录到网站

At the moment, in my website several people could technically log in using the same username and password at the same time on different machines.

I want to make it so that if someone logs in then it automatically ends any session associated with that user. That way, only one instance of a particular user can be logged in at any one time.

I'm trying to figure out how to implement this. How can someone logging in and creating a new session destroy a specific session on a different machine?

  • 写回答

1条回答 默认 最新

  • dooo61733 2016-07-02 23:44
    关注

    Add a field called "login_token" (make it a randomly generated string) and each time the user logs in, generate a new string and update the login_token field. Also store the login_token in the session. If a users session login_token value does not match that of the one in the database then kill the session.

    本回答被题主选为最佳回答 , 对您是否有帮助呢?
    评论

报告相同问题?

悬赏问题

  • ¥15 安卓adb backup备份应用数据失败
  • ¥15 eclipse运行项目时遇到的问题
  • ¥15 关于#c##的问题:最近需要用CAT工具Trados进行一些开发
  • ¥15 南大pa1 小游戏没有界面,并且报了如下错误,尝试过换显卡驱动,但是好像不行
  • ¥15 没有证书,nginx怎么反向代理到只能接受https的公网网站
  • ¥50 成都蓉城足球俱乐部小程序抢票
  • ¥15 yolov7训练自己的数据集
  • ¥15 esp8266与51单片机连接问题(标签-单片机|关键词-串口)(相关搜索:51单片机|单片机|测试代码)
  • ¥15 电力市场出清matlab yalmip kkt 双层优化问题
  • ¥30 ros小车路径规划实现不了,如何解决?(操作系统-ubuntu)