rejetto forum

HFS account at same time double login...

Guest · 8 · 4103

0 Members and 1 Guest are viewing this topic.

kycken

  • Guest
Hi!

I wanna a function is if...

Account Name:abc password 123 Login at A area,

but in B area use same account login. HFS will tell the user this login name

have login in another side then it don't double login or HFS will pause the account!!!

Is this function possible or not??

thank you(^_^)


Offline rejetto

  • Administrator
  • Tireless poster
  • *****
    • Posts: 13517
    • View Profile
what's an "area" ?

Quote
HFS will tell the user this login name

i don't understand


Offline bacter

  • Operator
  • Tireless poster
  • *****
    • Posts: 681
    • View Profile
It seems to me that he wants to avoid double login from two computers with the same account name.

But with basic autentication there seems no way to avoid it, as HFS has no list of logged-in users.
your computer has no brain - use your own !


Offline TSG

  • Operator
  • Tireless poster
  • *****
    • Posts: 1935
    • View Profile
    • RAWR-Designs
Well you probably cant limit it to one computer... however you could limit it to IP's. One active logged in user session / ip address. It would only be a problem if someone has a dynamic IP and it changes while downloading a large protected file, however the browser/downloader should just prompt a login. Most dynamic ip's wont change unless forced by the modem with a redial, that's how all the ones I have had are anyway.

It's an idea.


kycken

  • Guest
it mean only accept one user name login to HFS at the time!

Another person can't use same login name to login HFS!!

is possible? ???


Offline rejetto

  • Administrator
  • Tireless poster
  • *****
    • Posts: 13517
    • View Profile
there's no such feature available.
but someone may script it....


Offline bacter

  • Operator
  • Tireless poster
  • *****
    • Posts: 681
    • View Profile
with basic authentication there is not much to script for such a feature.

You could do something with IP's or partial IP's (checking provider) and using User-agent from the request header (browser and ip related to a account) to do further checking.

But this gives a lot of cases that canĀ“t match any rule:

- There is no logout in HFS, so when will we consider that a user is logged in? When he did no request in the last xx minutes?

- Consider users are accessing from a campus or company network ... ten users may appear as one user with the same IP! nothing to do !

your computer has no brain - use your own !


Offline rejetto

  • Administrator
  • Tireless poster
  • *****
    • Posts: 13517
    • View Profile
- There is no logout in HFS, so when will we consider that a user is logged in? When he did no request in the last xx minutes?

on this specific task, having the logout would not solve the problem, because most people don't "logout" from websites, but just close the tab/window.
this feature should anyway rely on a sort of timeout.

Quote
- Consider users are accessing from a campus or company network ... ten users may appear as one user with the same IP! nothing to do !

indeed this must use cookies (or sessions). but if you truly want, you can use cookies with the current authentication system.