I have my own customized login process for a ColdFusion application. I basically create some session variables to indicate the user is logged in and to share these user variables throughout the "session". The user is logged in as long as the session variables exist.
I would like to now check to see if a user is already logged in at another location.
I'm not sure what the "gold standard" is here? Or any?
I could have a login table and store the userid and the IP address. When a user logs in I could test to see if the table has an entry for that user for another IP? If so, throw up a window and if the user says "continue", I delete the row for the other address?
Am I on the right track here? I'm going for the current user logging in bumps anyone else out.
Thanks in advance,