-
- 2 Posts
I’ve created a simple blog using modx - if I log into a web user account (which has an associated user/document group) in more than one place at the same time, then change the password in one place then the other user can still access stuff and post comments etc... I would have expected at the very least the other user to be logged out.
I am unsure whether this is a bug with modx or my incorrect usage of the web users (though I cannot see anything obviously wrong). Is there an option to only allow a user to be logged in one location at a time?
If you need any more information about my setup please ask.
Thanks
User permissions are stored in session and cleared only when that session ends.
-
- 2 Posts
So is there any way of limiting only one instance of a web user login at any one time?
It might be possible using the active_users table. Maybe a plugin, using the onBeforeWebLogin event. The plugin would check the username to see if it’s already in use.