Jump to content

Preventing multiple user login with the same account


Guy Verville
 Share

Recommended Posts

Hi,

I have a request from a customer who would like to prevent his employees to give their credentials to other employees. In another word, if someone logs in with a given username while another is logged, either the former is not allowed (with a message), or the latter is kicked out (with a message).

While there is now two-factor authentication in PW, I am not sure the client wants that. Just wondering if there would be other ways to do so.

Link to comment
Share on other sites

I've never done something like this, but you could perhaps use one of these two modules and see if they're hookable.

http://modules.processwire.com/modules/login-notifier/

http://modules.processwire.com/modules/process-login-history/

Or you could track logins yourself and also track IP#, user agent, and maybe even geo-tracking. Perhaps create a cookie with a token too. Store them somewhere, and on every login check if that user is already logged in. If yes, deny access to the user who tries to login later, and show some message.

Edited by dragan
clarification in last sentence
Link to comment
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now
 Share

  • Recently Browsing   0 members

    • No registered users viewing this page.
×
×
  • Create New...