Avoid multiple logins with the same username and password

Question

In my application I have a login page and I need to prevent multiple logins from the same user (same username and password). I have used different methods like having a boolean value and updating it from true to false. But it has the drawback that whenever a user closes her browser (without logging of) the flag is not updated.

Are there any ways to achieve that by using session_id or something along those lines?

See this question, http://stackoverflow.com/questions/7068919/devise-limit-one-session-per-user-at-a-time May be you can get some ideas — rick, May 18 '15 at 12:01

score 0 · Answer 1 · answered May 18 '15 at 12:07

I will use Devise and enable trackable which will save last_sign_in_at, last_sign_in_ip, current_sign_in_at, current_sign_in_ip into database. Then simply inherit Devise::SessionsController and override the action create to check if current IP is the same as last_sign_in_ip and last_sign_in_at is not before half an hour ago.

Avoid multiple logins with the same username and password

1 Answers1