Django How to prevent multiple users login using the same credentials

Question

I am developing an Django application using django auth module and would like to prevent multiple login using the same user name and password.

It should prevent mult

Answer 1

i solve the problem with a new model, a custom decorator and custom login page

1) i created a additional model for users eg:

class SessionKey(models.Model):
    user = models.OneToOneField(User,primary_key=True)
    key = models.CharField(max_length=255)

2) i created custom decorator to check session key is equal or not last key. i changed the original source code django decorators

from functools import wraps
from django.conf import settings
from django.utils.decorators import available_attrs
from django.contrib.auth.decorators import login_required
from django.shortcuts import resolve_url
from users.models import SessionKey #my additional model

def unique_login_required(view_func):
    @wraps(view_func, assigned=available_attrs(view_func))
    def _wrapped_view(request, *args, **kwargs):
        r = False
        ...
        #check session key is equal to last one
        ...
        if r:
            return view_func(request, *args, **kwargs)
        else:
            from django.contrib.auth.views import redirect_to_login
            path = request.build_absolute_uri()
            resolved_login_url = resolve_url(settings.LOGIN_URL)
            return redirect_to_login(path,resolved_login_url)
    return _wrapped_view

3) in custom login page, i updated the session key. last login always updates the stored session key.

finally, in the views, i call my decorator

from users.decorators import unique_login_required
@unique_login_required
def index(request):
...