So I want users to be able to login from different computers simultaneously. So that means I should allow the user to have multiple tokens. And then I also want the user to be able to login from different browsers on the same computer. So that means I should allow the user to have multiple tokens for same IP. However, it's gonna get messy because eventually I'm going to have alot of tokens for one user!
Any suggestions on strategy of controlling this or am SOL that I would need to do a token clean up for tokens that are not used for say 15 days or so? Sorry, I just want to get it right :)
P.S. I'm doing this with PHP