Logout the same user if logged in on another device
How can we achieve the mechanism in kinde auth nextjs sdk such that if I have logged in on one device and at the concurrent time I log in from another device then the previous session of device should be logged out
Summary: I want to restrict the concurrent log in of the same user.
4 Replies
So, the way to enable this on the client-side is to have a listener of some sort listen for "logged out" events. Something like supabase realtime tables or redis could help with this. The "logout event" would be triggered anywhere that you have the logout action available to the user. So you press logout button on a client, the logout event is performed in the local client, then update is sent to the real time system. Then the listeners in the other clients receive that event and programmatically log out the user in each client instance.
Thanks for the reply,
As per your explanation it is a good approach to logout all the sessions of a particular user, but I need that if one session is usage the other session should not start, the user shouldn't be able to log in only on another device
so you want a user to only be able to be logged in on one device at a time?
being the most recent one
the same logic would apply then, you just change the trigger which logs out other sessions to whenever the user logs in
It is more hectic to log out all the sessions instead of blocking login and it is more error prone as I see and on top of that I think it will be difficult to test