<@498057949541826571> TL;DR, is there a way to handle user to login in single device at the same tim...

[CATs] ya ong | [GUnS] bakins

03/04/2024, 11:20 AM

@rp_st TL;DR, is there a way to handle user to login in single device at the same time? I can't found it so far in the docs. Kindly help to navigate it. Thank you

rp_st

03/04/2024, 11:21 AM

hey @[CATs] ya ong | [GUnS] bakins you mean you want to resitect a user to be logged into only once device at a time? Or something else?

[CATs] ya ong | [GUnS] bakins

03/04/2024, 11:22 AM

@rp_st yes, that's the goal we want to achieve, to restrict a user to be logged into only one device at a time. When he tried to logging in another device, then we should reject/ invalidate the attempt.

rp_st

03/04/2024, 11:23 AM

yup, so what you want to do is to override the createNewSession function in the session.init on the backend, and before calling the original implementation, check how many sessions that user currently has (there should be a function like Session.getSessionHandlesForUser).

rp_st

03/04/2024, 11:23 AM

if the user has > 0 sessions already, throw an error, and then catch it in the sign in / API of your recipe and return a GENERAL_ERROR status with a message which will display the message on the frontend

[CATs] ya ong | [GUnS] bakins

03/04/2024, 11:25 AM

understood with your Idea, I will re-read the session documentation. Thanks 🤝

[CATs] ya ong | [GUnS] bakins

03/04/2024, 11:36 AM

@rp_st Anw, follow up question, what if when session > 0 which is one, we return the session to be reused by the new device and logout from the previous one? I think it out loud that your suggestion is as easy as we can implement it. As there might be a case where the session is still > 0 but in mobile apps side, the users is currently logged out. How do we tackle this problem?

rp_st

03/04/2024, 12:57 PM

hmm. Well, in that case, you can allow calling the original implementation, but before that, call the revokeAllSessionsForUser function. This will log the user out of the other devices when those devices try and do a refresh

[CATs] ya ong | [GUnS] bakins

03/04/2024, 2:24 PM

let me understand this way more tomorrow, thanks for that

Previous Next

SuperTokens.com

SuperTokens is an open source authentication solution offering features like: Different types of login: Email / password, Passwordless (OTP or Magic link based).