What u can do instead is to use a caching later to store that Boolean for a user and check the cache on every request. And when ur creating a session check that Boolean for that user before creating a session to make sure it’s true.