AngularJS: Limit logins to once device at a time?
Hello experts,
I have a firebase application that implements a login strategy that is a derivative of angular-seed.
I would like to enforce user logins to be limited to one device at a time. Do you have any recommendations on how to implement this kind of feature?
For example, if I login on a desktop and then try logging in on a second device; I would like to be able to detect multiple login attempts. I have not decided what happens when this occurs yet but I believe I will invalidate the other session.
I have not started my research into this yet but I thought I would seek feedback from the EE community.
Thank you,
Gregg
I have a firebase application that implements a login strategy that is a derivative of angular-seed.
I would like to enforce user logins to be limited to one device at a time. Do you have any recommendations on how to implement this kind of feature?
For example, if I login on a desktop and then try logging in on a second device; I would like to be able to detect multiple login attempts. I have not decided what happens when this occurs yet but I believe I will invalidate the other session.
I have not started my research into this yet but I thought I would seek feedback from the EE community.
Thank you,
Gregg
Do more with
EXPERT OFFICE® is a registered trademark of EXPERTS EXCHANGE®
What you can do is to verify if the user already have an active session and drop it before creating a new one.
If the user tries to access the previous device he will be redirected to the login page.
I'm not sure on how to achieve this with Firebase tho...
Trying to control this too much might put you in some edge situations where the user left the browser open in the office and is trying to connect on the phone but he's not able to...
Trying to open it in a different browser will also detect it as a different device, right?
It has to be clear what qualifies as multiple login attempts; time span? origin ip? device name (javascript doesn't have access to the machine info...)?
Another idea that came to my mind now is to use socket.io to guarantee a single channel.
If you enforce that your app only supports one hub per user, when the user tries to access the app on another tab/browser/device, you can simply disconnect the current hub and create a new one.
For the user you can display a "You've connected somewhere else" kind of message on the previous session page.
... I like this last idea :)
If the user tries to access the previous device he will be redirected to the login page.
I'm not sure on how to achieve this with Firebase tho...
Trying to control this too much might put you in some edge situations where the user left the browser open in the office and is trying to connect on the phone but he's not able to...
Trying to open it in a different browser will also detect it as a different device, right?
It has to be clear what qualifies as multiple login attempts; time span? origin ip? device name (javascript doesn't have access to the machine info...)?
Another idea that came to my mind now is to use socket.io to guarantee a single channel.
If you enforce that your app only supports one hub per user, when the user tries to access the app on another tab/browser/device, you can simply disconnect the current hub and create a new one.
For the user you can display a "You've connected somewhere else" kind of message on the previous session page.
... I like this last idea :)
Premium Content
You need an Expert Office subscription to comment.Start Free Trial