last time, I asked this question I have been misunderstood. So:
In my Rails3 application I 开发者_Go百科use Devise for authentication. I have requirement which says, that every user can be logged in only from one browser. It means if user A is logged in (e.g. on FF), and then from other computer, or from other browser (e.g. Chrome) comes request to log user A, the first one should be logged out.
I found out, that I can override SessionController and it's create method. However I don't see any way to check if user with given email (params[:email]) is currently logged in, furthermore I don't know which method should I invoke to destroy this user session.
I'd just store a timestamp for each page load in the session. Compare this in a before_filter with a last_seen field of user. If the user last seen is after the session timestamp destroy the user session.
The approach I would take would be to modify the trackable or lastseen plugin and then use a warden callback.
https://github.com/hassox/warden/wiki/Callbacks
Not a great answer, but maybe can get you started.
精彩评论