I’ve created a simple blog using modx - if I log into a web user account (which has an associated user/document group) in more than one place at the same time, then change the password in one place then the other user can still access stuff and post comments etc... I would have expected at the very least the other user to be logged out.
I am unsure whether this is a bug with modx or my incorrect usage of the web users (though I cannot see anything obviously wrong). Is there an option to only allow a user to be logged in one location at a time?
If you need any more information about my setup please ask.
Thanks
-
MODX Staff
- 10,725 Posts
User permissions are stored in session and cleared only when that session ends.
So is there any way of limiting only one instance of a web user login at any one time?
-
☆ A M B ☆
- 24,524 Posts
It might be possible using the active_users table. Maybe a plugin, using the onBeforeWebLogin event. The plugin would check the username to see if it’s already in use.