Skip to main content

This site requires you to update your browser. Your browsing experience maybe affected by not having the most up to date version.

We've moved the forum!

Please use forum.silverstripe.org for any new questions (announcement).
The forum archive will stick around, but will be read only.

You can also use our Slack channel or StackOverflow to ask for help.
Check out our community overview for more options to contribute.

General Questions /

General questions about getting started with SilverStripe that don't fit in any of the categories above.

Moderators: martimiz, Sean, Ed, biapar, Willr, Ingo, swaiba

Limit member logins to one


Go to End


4 Posts   897 Views

Avatar
martbarr

Community Member, 59 Posts

15 August 2012 at 6:23am

Hi,

I need a way of allowing one login at a time per user.
This is to deliver a commercial system where concurrent logins are not alloweddue to licensing.
I realise it will only be accurate to 15 mins - and I am not using the forum module (yet!).

Anyone point me the right way please?

Thanks
Martin

Avatar
martbarr

Community Member, 59 Posts

17 August 2012 at 7:23am

Hm looking aroud I can see that the "last visited" time is within the last 15 mins.

So could I use a CustomMemberLoginForm that checks that the member's last visited time is older than 15mins before trying doLogin(), else deny them with a "too many users logged in with this username message" ??

Is it this simple?
Martin

Avatar
martbarr

Community Member, 59 Posts

18 August 2012 at 5:16am

No-one ??

Avatar
Willr

Forum Moderator, 5523 Posts

19 August 2012 at 4:06pm

I think you had it correct with your last post. Have a custom doLogin that checks to see whether that person is already logged in and if so deny the login. It's impossible really to accurately say whether a user is logged in with SilverStripe, so the level of complexity depends on your commerical needs. A basic CSRF pattern (which may work for you) is storing the users IP, computer hostname string in the database and anything else you could get that is unique to that workstation and make sure that if a user is logging in within a 15min period that it comes from the same details.