RE: [coldbox:18274] [ColdBox 3.5.0] Prevent concurrent user login

Store the session ID in your user table after the user logs in. Every request, check the session Id in memory to the one in the table. If it’s different, force a log out.



ColdBox Platform Evangelist
Ortus Solutions, Corp

ColdBox Platform:

Many thanks. This seems a good solution. But is there another way to solve without check every single request?

You can do it however often you want, up to a max of each request. But why would you want to do it less than each request? Either you’re okay with multiple logins or you’re not.