如何限制每个会话只能登录一次用户? [英] How to restrict user to be logged only one time per session?

问题描述

我正在使用Symfony 1.4应用程序，因此我需要防止用户多次登录该应用程序，这意味着如果他/他已经登录，则不应仅登录就可以.打开新的浏览器.

I'm working a Symfony 1.4 apps, and I need to prevent a user beeing able to login more than once into the application, I mean if S/He is already logged in, it should not be able to logged in just opening a new browser.

• 用户在Chrome上登录.
• 打开Firefox，尝试登录，然后由于登录已经在Chrome中处于活动状态而无法登录

我要避免同一用户在同一台​​计算机或另一台计算机上使用不同的浏览器开始另一个会话.

I want to avoid same user begins another session with a different browser in the same computer, or in another.

推荐答案

我想到的唯一解决方案是在MySQL(或您的数据库)中使用会话，然后检查给定用户的会话是否处于活动状态，以便是否登录.

The only solution I think about is to use session in MySQL (or your database) and then, check if a session is active for a given user so it can login or not.

这将不是一个容易的部分.我曾经做过一次，但是找不到源代码.所以我将描述您将要做的事情.

It won't be an easy part. I did that one time but can't find the source code.. So I will describe what you will have to do.

1. 您需要激活sfPDOSessionStorage以便将会话存储在db中(您可以按照以下步骤进行操作博客帖子)

2. 然后创建一个扩展了sfPDOSessionStorage的自定义存储，以便能够在会话表中添加更多字段.

1. You need to activate sfPDOSessionStorage to store session in db (you can follow this blogpost)

2. then create a custom storage that extend sfPDOSessionStorage to be able to add more field into the session table.

您将在factories.yml中有一个新字段(例如sess_user_id)，如下所示:

You will have a new field (for example sess_user_id) inside your factories.yml, something like this :

all:
  storage:
    class: myCustomPDOSessionStorage
    param:
      db_table:       session
      database:       propel

      db_id_col:      sess_id
      db_data_col:    sess_data
      db_time_col:    sess_time
      db_user_id_col: sess_user_id

您将需要更新方法sessionRead& sessionWrite从您的自定义会话存储到:

You will need to update method sessionRead & sessionWrite from your custom session storage to:

• 使用新字段(user_id)插入/更新
• 检查user_id是否已经存在，会话时间是否正常.如果不是，则抛出异常.您必须在用户登录时捕获此异常，才能显示有关该问题的消息.

这篇关于如何限制每个会话只能登录一次用户?的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！