On Saturday, February 8, 2014 3:49:45 PM UTC-8, DeanK wrote: > > Thanks Anthony. I think I like the sound of your last suggestion. I'm > going to try that one out. > > Speaking as a naive developer, the "cpu/io intensive" remark suggests to me that the onlogin hook be used to queue a job for a worker thread that would carry out the hunt-and-flush mission. Or would that be the wrong hammer for this torque screw?
/dps > > On Tuesday, February 4, 2014 10:16:46 AM UTC-5, Anthony wrote: >> >> > [...] >> > > An alternative would be upon login, check the auth_event table for logins >> of the same user within some recent time period (e.g., the last 24 hours). >> Then grab the ip addresses of those logins (which are stored in >> db.auth_event.client_ip). Then find all of the sessions whose file names >> (or session ID's if stored in the database) start with any of those ip >> addresses (excluding the ip address of the current request, of course). >> Then check each of those sessions to see if they include an "auth" object >> for the current user, and if so, delete that "auth" object from the session >> (or simply delete the session entirely). This is a bit more complicated and >> CPU/IO intensive, but it only happens upon login, not on every request. >> Also, it won't work with cookie based sessions. >> > -- Resources: - http://web2py.com - http://web2py.com/book (Documentation) - http://github.com/web2py/web2py (Source code) - https://code.google.com/p/web2py/issues/list (Report Issues) --- You received this message because you are subscribed to the Google Groups "web2py-users" group. To unsubscribe from this group and stop receiving emails from it, send an email to [email protected]. For more options, visit https://groups.google.com/groups/opt_out.
