On Wednesday, March 7, 2018 at 1:02:56 AM UTC-5, Massimo Di Pierro wrote: > > it is possible. > > when a user first logs in, store a uuid in the session and write it in the > database (in a new custom field in the auth_user table). When a request > arrives if the uuid in the session does not match the uuid in the database > call auth.logout() >
Be aware, that will require a database select on every request. If you want to minimize the database hits, you could also store in the session the time of the last database lookup, and then only check the database every X minutes (the tradeoff being that it could take up to X minutes to disable the first session after the second session has begun -- if you must ensure zero overlap of sessions, then you'll have to do the database check on every request). Anthony -- Resources: - http://web2py.com - http://web2py.com/book (Documentation) - http://github.com/web2py/web2py (Source code) - https://code.google.com/p/web2py/issues/list (Report Issues) --- You received this message because you are subscribed to the Google Groups "web2py-users" group. To unsubscribe from this group and stop receiving emails from it, send an email to web2py+unsubscr...@googlegroups.com. For more options, visit https://groups.google.com/d/optout.