how to distinguish web and mobile and allow only o...
# support-questionsl
leoujz
11/17/2022, 1:41 PMhow to distinguish web and mobile and allow only one login for each type
leoujz
11/17/2022, 1:41 PMhello, is there a way to distinguish different types of devices, for example, I'd like to allow one user to login from web and mobile at the same time, but do not allow user to login from two mobile deivces at the same time
r
rp
11/17/2022, 1:43 PMhey @leoujz yes this is possible
rp
11/17/2022, 1:44 PMwhat you want to do is to override the createNewSession recipe function on the backend first
rp
11/17/2022, 1:44 PMand in there, read the request object's user agent header to identity which device the request is from and save that as part of the access token payload of the session.
rp
11/17/2022, 1:45 PMbefore calling the original implementation of createNewSession, you want to fetch all the sessions for the input userId and check if any of them belong to the same device type. If they do, then throw an error, else call the originalImplementation
l
leoujz
11/17/2022, 1:46 PMgot it, I will try that, thank you very much
leoujz
11/17/2022, 1:59 PMFurther more, I want to allow only one user login from all types of devices, and the new login will kick out the old one. To do this, same way to override the createNewSession recipe? or is there a ready-made recipe?
r
rp
11/17/2022, 2:00 PMsame way
l
leoujz
11/17/2022, 2:00 PMok, thanks
3 Views