AngularJS: Limit logins to once device at a time?

Hello experts,
I have a firebase application that implements a login strategy that is a derivative of angular-seed.

I would like to enforce user logins to be limited to one device at a time. Do you have any recommendations on how to implement this kind of feature?

For example, if I login on a desktop and then try logging in on a second device; I would like to be able to detect multiple login attempts. I have not decided what happens when this occurs yet but I believe I will invalidate the other session.

I have not started my research into this yet but I thought I would seek feedback from the EE community.

Thank you,
Gregg
LVL 10
GreggAsked:
Who is Participating?
I wear a lot of hats...

"The solutions and answers provided on Experts Exchange have been extremely helpful to me over the last few years. I wear a lot of hats - Developer, Database Administrator, Help Desk, etc., so I know a lot of things but not a lot about one thing. Experts Exchange gives me answers from people who do know a lot about one thing, in a easy to use platform." -Todd S.

Alexandre SimõesManager / Solutions ArchitectCommented:
What you can do is to verify if the user already have an active session and drop it before creating a new one.
If the user tries to access the previous device he will be redirected to the login page.
I'm not sure on how to achieve this with Firebase tho...

Trying to control this too much might put you in some edge situations where the user left the browser open in the office and is trying to connect on the phone but he's not able to...
Trying to open it in a different browser will also detect it as a different device, right?

It has to be clear what qualifies as multiple login attempts; time span? origin ip? device name (javascript doesn't have access to the machine info...)?

Another idea that came to my mind now is to use socket.io to guarantee a single channel.
If you enforce that your app only supports one hub per user, when the user tries to access the app on another tab/browser/device, you can simply disconnect the current hub and create a new one.
For the user you can display a "You've connected somewhere else" kind of message on the previous session page.

... I like this last idea :)

Experts Exchange Solution brought to you by

Your issues matter to us.

Facing a tech roadblock? Get the help and guidance you need from experienced professionals who care. Ask your question anytime, anywhere, with no hassle.

Start your 7-day free trial
GreggAuthor Commented:
You have provided some excellent points that will help me my research. At this point I am not certain if this is the route I want to take. Thank you.
It's more than this solution.Get answers and train to solve all your tech problems - anytime, anywhere.Try it for free Edge Out The Competitionfor your dream job with proven skills and certifications.Get started today Stand Outas the employee with proven skills.Start learning today for free Move Your Career Forwardwith certification training in the latest technologies.Start your trial today
Angular

From novice to tech pro — start learning today.