Guy Verville Posted August 27, 2018 Posted August 27, 2018 Hi, I have a request from a customer who would like to prevent his employees to give their credentials to other employees. In another word, if someone logs in with a given username while another is logged, either the former is not allowed (with a message), or the latter is kicked out (with a message). While there is now two-factor authentication in PW, I am not sure the client wants that. Just wondering if there would be other ways to do so.
dragan Posted August 27, 2018 Posted August 27, 2018 (edited) I've never done something like this, but you could perhaps use one of these two modules and see if they're hookable. http://modules.processwire.com/modules/login-notifier/ http://modules.processwire.com/modules/process-login-history/ Or you could track logins yourself and also track IP#, user agent, and maybe even geo-tracking. Perhaps create a cookie with a token too. Store them somewhere, and on every login check if that user is already logged in. If yes, deny access to the user who tries to login later, and show some message. Edited August 27, 2018 by dragan clarification in last sentence
cb2004 Posted August 27, 2018 Posted August 27, 2018 Pretty sure this was announced in a recent blog post with sessions in the database. Bank holiday in the UK so I will take a look in the morning. 3
Recommended Posts
Create an account or sign in to comment
You need to be a member in order to leave a comment
Create an account
Sign up for a new account in our community. It's easy!
Register a new accountSign in
Already have an account? Sign in here.
Sign In Now