[Catalyst] Preventing simultaneous logins

Daniel McBrearty danielmcbrearty at gmail.com
Sat Jul 26 20:56:12 BST 2008 

Thanks Matt, I'll definitely try this when I get round to trying to
solve this issue.

Where does MyApp::set_athenticated get called from? when the user logs
in? no, that can't be it ... you're way ahead of me here :-) ...

>> >> 1. checking whether there is an existing session associated this username
>> >
>> > Session::PerUser ?
>> >
>>
>> I looked briefly at this, but I'm a bit wary because
>> C::P::Session::Store::Fastmmap warns against being used with it. What
>> is PerUser doing that is special in that respect, and what is a good
>> backend for it?
>>
>> REading the docs for it, it seems like something slightly different -
>> keeping the same session in place, even if the user logs in in the
>> middle of it, if I understand correctly?
>
> You want:
>
> login from elsewhere to log out the same user anywhere else
>
> It wants:
>
> any login by the same user "claims" the user's session
>
> so, if you add in your root auto
>
> if ($c->user_exists) {
>  unless ($c->user_session->{sid} eq $c->sessionid) {
>    $c->logout;
>    $c->forward('/auth/logged_out');
>    return 0;
>  }
> }
>
> and in MyApp
>
> sub set_authenticated {
>  my $self = shift;
>  $self->next::method(@_);
>  $self->user_session->{sid} = $self->sessionid;
> }
>
> then you should pretty much be done.
>
> So far as I can tell, this is perfect for you. You just sometimes get
> persistent session data as well (it warns against fastmmap because in the
> "persistent session" use case fastmmap is lossy - in yours the lossyness
> is irrelevant, you don't care about the persistence feature)
>
> --
>      Matt S Trout       Need help with your Catalyst or DBIx::Class project?
>   Technical Director                    http://www.shadowcat.co.uk/catalyst/
>  Shadowcat Systems Ltd.  Want a managed development or deployment platform?
> http://chainsawblues.vox.com/            http://www.shadowcat.co.uk/servers/
>
> _______________________________________________
> List: Catalyst at lists.scsys.co.uk
> Listinfo: http://lists.scsys.co.uk/cgi-bin/mailman/listinfo/catalyst
> Searchable archive: http://www.mail-archive.com/catalyst@lists.scsys.co.uk/
> Dev site: http://dev.catalyst.perl.org/
>



-- 
There's an infinite supply of time, we just don't have it all yet.

More information about the Catalyst mailing list