Authlogic and multiple sessions for the same user

Question

Hello,

I'm using Authlogic to manage the sessions in my application.
However, by default, authlogic allows a user to be logged in many times from different computers.
I don't want that (the user pays to get access and I want to avoid users sharing their accounts).

Looking in the Authlogic documentation, I've found about the perishable_token. But when trying to implement it, I just get an error saying the persistence_token is required (when it shouldn't be as I use the perishable one).

How would you do this using the Authlogic's features ?

Thanks :)

Answer 1

Ok so the perishable token was absolutely not the right path ;)

We "just" need to reset the persistence token every time a user logs in or logs out. With this in my UserSession model, every user gets logged off from any other session when logging in.

class UserSession < Authlogic::Session::Base
    before_destroy :reset_persistence_token
    before_create  :reset_persistence_token

    def reset_persistence_token
        record.reset_persistence_token
    end 
end