how to distinguish web and mobile and allow only o...
# support-questions
how to distinguish web and mobile and allow only one login for each type
hello, is there a way to distinguish different types of devices, for example, I'd like to allow one user to login from web and mobile at the same time, but do not allow user to login from two mobile deivces at the same time
hey @leoujz yes this is possible
what you want to do is to override the createNewSession recipe function on the backend first
and in there, read the request object's user agent header to identity which device the request is from and save that as part of the access token payload of the session.
before calling the original implementation of createNewSession, you want to fetch all the sessions for the input userId and check if any of them belong to the same device type. If they do, then throw an error, else call the originalImplementation
got it, I will try that, thank you very much
Further more, I want to allow only one user login from all types of devices, and the new login will kick out the old one. To do this, same way to override the createNewSession recipe? or is there a ready-made recipe?
same way
ok, thanks