AnsweredAssumed Answered

Prevent multiple logins of same user

Question asked by Asaf Army on Mar 31, 2014
Latest reply on Sep 6, 2017 by Harald Kuske
This is a HUGE BUG in SugarCRM.

The same user and password can be used from unlimited computers at the same time!!
if person 1 is logged in with a certain username and person 2 logs in a different computer or browser, with the same username and password, Person 1 is not logged out automatically!!! and they both work with the same user without any disturbance!!!

i need to prevent that and read many posts about it.
not gonna pay for a paid module to do that.

Identifing the session number using session_id() will not help because when person 1 is logged in with the user and person 2 logs in with the same user on different computer/browser, they have different session id , so i can't identify that the person 1 is already logged in and kill his session.

also the solution to add a new field "login_status" and when person 1 logs in , set it to 1 and when person 2 tries to log in, to check the field and block him if login_status is 1, won't work, because i can't update this field in cases when the user just closes the browser window and doesn't push the logout link.

THIS IS A HUGE AND CRITICAL PROBLEM!

any tips and help will be very much appriciated.

thank you.


Outcomes