如何限制每个会话只能登录一次用户? [英] How to restrict user to be logged only one time per session?
问题描述
我正在使用Symfony 1.4应用程序,因此我需要防止用户多次登录该应用程序,这意味着如果他/他已经登录,则不应仅登录就可以.打开新的浏览器.
I'm working a Symfony 1.4 apps, and I need to prevent a user beeing able to login more than once into the application, I mean if S/He is already logged in, it should not be able to logged in just opening a new browser.
- 用户在Chrome上登录.
- 打开Firefox,尝试登录,然后由于登录已经在Chrome中处于活动状态而无法登录
我要避免同一用户在同一台计算机或另一台计算机上使用不同的浏览器开始另一个会话.
I want to avoid same user begins another session with a different browser in the same computer, or in another.
推荐答案
我想到的唯一解决方案是在MySQL(或您的数据库)中使用会话,然后检查给定用户的会话是否处于活动状态,以便是否登录.
The only solution I think about is to use session in MySQL (or your database) and then, check if a session is active for a given user so it can login or not.
这将不是一个容易的部分.我曾经做过一次,但是找不到源代码.所以我将描述您将要做的事情.
It won't be an easy part. I did that one time but can't find the source code.. So I will describe what you will have to do.
- 您需要激活
sfPDOSessionStorage
以便将会话存储在db中(您可以按照以下步骤进行操作博客帖子) -
然后创建一个扩展了
sfPDOSessionStorage
的自定义存储,以便能够在会话表中添加更多字段.
- You need to activate
sfPDOSessionStorage
to store session in db (you can follow this blogpost) then create a custom storage that extend
sfPDOSessionStorage
to be able to add more field into the session table.
您将在factories.yml
中有一个新字段(例如sess_user_id
),如下所示:
You will have a new field (for example sess_user_id
) inside your factories.yml
, something like this :
all:
storage:
class: myCustomPDOSessionStorage
param:
db_table: session
database: propel
db_id_col: sess_id
db_data_col: sess_data
db_time_col: sess_time
db_user_id_col: sess_user_id
您将需要更新方法sessionRead
& sessionWrite
从您的自定义会话存储到:
You will need to update method sessionRead
& sessionWrite
from your custom session storage to:
- 使用新字段(user_id)插入/更新
- 检查user_id是否已经存在,会话时间是否正常.如果不是,则抛出异常.您必须在用户登录时捕获此异常,才能显示有关该问题的消息.
这篇关于如何限制每个会话只能登录一次用户?的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!