Prevent multiple login using the same user name and password

前端未结

关注

 12  2587

栀梦 2020-11-29 22:03

I am developing an application that needs to prevent multiple login using the same user name and password.

If it happens on the same machine then obviously we need t

12条回答

一个人的身影 (楼主)

2020-11-29 22:39

I have implemented a possible solution for myself,

in the loginFilter I use, I set a lastloggedin, userloggedin and userSession within the user record on my system.

            user.setUser_lastlogged(new Date());
            user.setUser_loggedin(true);
            user.setSessionId(request.getSession().getId());
            appService.saveUsers(user);

so when i go to any of my struts2 actions i have a snippet of code in the prepare method.

@Override
public void prepare() throws Exception {
    UsersBase usercheck = appservice.getUserByUsername((String)request.getSession().getAttribute("j_username"));
    if(request.getSession().getId().equals(usercheck.getSessionId())){
        request.getSession().invalidate();
    }

}

This will log the user out when they login on another machine, or if you don't want to log them in i could do the following on the loginFilter

 UsersBase userdto = appService.getUserByUsername(username);
        if (userdto != null) {
            if ((userdto.getUser_loggedin())) {
                if (request.getSession().getId().equals(userdto.getSessionId())) {
                    authRequest.eraseCredentials();
                    request.getSession().setAttribute("error", "You are already logged in ");
                } 
            }
        }

0 讨论(0)

查看其它12个回答