[Yanel-dev] User login - prevent the same user from logging on twice
Bruno von Rotz
bruno.vonrotz at wyona.com
Thu Jun 17 08:39:41 CEST 2010
For some implementations it's important that the same user can't log on
to the system twice.
For example if there's a subscription based revenue model you don't want
to have the same user create two sessions using different computers
(cookies).
I see different ways to prevent this or to monitor this:
a) through the login we can detect whether the same credentials have
been used by different computers (cookies) at the same time. Then we can
manually or automatically decide to lock the user or to not allow him to
log on again
b) we can detect at log on time whether the same user is already logged
on. I am not sure whether we actually know whether a specific user is
already logged on. But we could store additional information to make
sure we CAN know
c) we could also have a "flag" per user to say whether multi-login is
allowed, as for some purposes, i.e. testing, it's practical to be able
to use the same user many times
There may be more possibilities.
What is the best way to go depends on what and how it is already
implemented in Yanel.
Bruno
-
More information about the Yanel-development
mailing list