Skip to main content

This site requires you to update your browser. Your browsing experience maybe affected by not having the most up to date version.

General Questions

General questions about getting started with SilverStripe that don't fit in any of the categories above.

Moderators: martimiz, Sean, biapar, Willr, Ingo, swaiba, simon_w

Limit member logins to one


4 Posts   473 Views


15 August 2012 at 6:23am Community Member, 46 Posts


I need a way of allowing one login at a time per user.
This is to deliver a commercial system where concurrent logins are not alloweddue to licensing.
I realise it will only be accurate to 15 mins - and I am not using the forum module (yet!).

Anyone point me the right way please?



17 August 2012 at 7:23am Community Member, 46 Posts

Hm looking aroud I can see that the "last visited" time is within the last 15 mins.

So could I use a CustomMemberLoginForm that checks that the member's last visited time is older than 15mins before trying doLogin(), else deny them with a "too many users logged in with this username message" ??

Is it this simple?


18 August 2012 at 5:16am Community Member, 46 Posts

No-one ??


19 August 2012 at 4:06pm Forum Moderator, 5511 Posts

I think you had it correct with your last post. Have a custom doLogin that checks to see whether that person is already logged in and if so deny the login. It's impossible really to accurately say whether a user is logged in with SilverStripe, so the level of complexity depends on your commerical needs. A basic CSRF pattern (which may work for you) is storing the users IP, computer hostname string in the database and anything else you could get that is unique to that workstation and make sure that if a user is logging in within a 15min period that it comes from the same details.