2

I have webservice which uses ASMX webmethod etc (I know, outdated), it is used to supply mobile devices with data for their apps.

Right now, users can login on any device at any time, as many times as they want. To make this product compatible with a new licensing model, we want to restrict users in logging in to multiple devices.

A user should only be able to be logged in at one device at a time.

I thought of the following solution: save the mobile device identifier last used in a request, and the time of the request in the database. If a user tries to login (within ~10 minutes) from another mobile device identifier -> login fails.

My problem: in which method do I put this code. I want to prevent duplicate code as much as possible.

I have 4 .asmx files with API's, I could put the code in the constructors of all the classes, but I'd rather not. Is there not some "Request_Start" that already has access to GET/POST parameters?

Stijn
  • 858
  • 2
  • 12
  • 21

1 Answers1

1

Please refer to:

When the same user ID is trying to log in on multiple devices, how do I kill the session on the other device?

I understand you're asking about ASMX, but I believe this will be a good starting point for you.

I had this same exact requirement, and came up with a pretty slick solution, demonstrated in the link above. In a nutshell, my requirement was to only have one user log-in happening at one time. If that same user ID tried to log in elsewhere, then it killed the session for the first log-in by checking for an existing log-in under a different Session ID (this enabled the user ID to be logged in from multiple instances of their web browser on their computer [same Session ID], which is common, but not from a different computer [different Session ID] (possibly due to someone that stole their credentials, for example)). Through modification of the code you could probably change the behavior of this - i.e., prevent the second log-in attempt instead of killing the first log-in that's already active and in use.

Of course, it may not fit 100% to what you're needing, so feel free to modify it to fit your needs.

Community
  • 1
  • 1
Mike Marks
  • 10,017
  • 17
  • 69
  • 128