Reputation: 2511
Authlogic: Assuring that a user can't log in twice
Is there an easy way in Authlogic (haven't found nothing browsing the docs) to assure that a UserSession can't be created if the User already has an UserSession object?
In other words: I want to make sure that a user can't log in twice with the same credentials.
UPDATE: Check the comments on thief's answer to find the solution to this problem.
Upvotes: 1
Views: 1887
Answers (2)
Reputation: 24174
To my mind a cleaner approach is to use callbacks in the UserSession class. Like, you can define a before_create callback there, and mark the model as invalid in appropriate case. Haven't tried this out myself, though. Here are the docs for the Callbacks module.
Upvotes: 0
Reputation: 475
in your user sessions controller:
before_filter :require_no_user, :only => [:new, :create]
in your app controller:
def require_no_user
if current_user
store_location
flash[:notice] = "You must be logged out to access this page"
redirect_to account_url
return false
end
end
Upvotes: 3
Related Questions
- Rails and Authlogic: Allow only one session per user?
- authlogic validation
- Authlogic, rails3_acts_as_paranoid and validates_uniqueness_of :login + default_scope(:conditions => {:active => true})
- Authlogic: turn off uniqueness constraint
- Rails Authlogic authentication method
- Authlogic: verifying login/password
- How to avoid user keep trying login using Ruby on Rails?
- Rails Authlogic Prevent User from Changing their Login/Username
- Multiple User Logins in Rails
- Authlogic and multiple sessions for the same user