How to know if a session already exists on a system?

Asked

Viewed 92 times

3

I have an application where the user can only be logged in to a device at the same time, how can I do this restriction?

I use the Parse.com service, it provides an API for data exchange between an app and the cloud.

Example: I created my account, I logged in on a device and my login it is saved (in my case I put in Sharedprefferences on android), whenever you open the app do not need to login again, ie enter login and password. If the user passes his login and password to third parties, and these third parties try to access from another device I mean that there is already a session on X device, and block the access of the third party.

The most correct would be to create a table in the webservice where I store the sessions and Seto something as true, if it is active?

If you have other better ways, thank you.

android session software-architecture parse.com

  • It depends on what Voce refers to as a session. Is it a session cookie? Session in an operating system? "Session" in a long-Polling?

  • Create a socket , when the socket disconnect is that the client got off

  • 1

    I believe that a good way to do this would be to create user sessions on the server. For example, logged in, generated a sessionid, and that sessionId has to be passed on every request made, and the server checks if that sessionid is valid.

  • I edited the question

  • Did you stop to think that if the user’s cell phone is stolen, he won’t be able to get out of the way so he can access the account through another device? How do you want to solve this, will sessionid expire after a while? How long is it tolerable for the user to be without access to the account?

1 answer

0

Create a socket between client and server , when the disconnect socket is that the client got off.

On the client side just create a communication socket.

On the server side, wait for new clients to connect, for each connected client to create a thread, within the thread receive messages from the client, depending on the implementation when launching an Exception or a message null means the customer is off.

  • The app probably queries webservices, in which case you need to implement user authentication to be able to access these webservices and not add socket communication, which would make things more complex and increase battery consumption with keepalives.

  • Exact @Piovezan

  • Um, yes I thought this solution to be valid only to not allow the same account to remain active on more than one device at the same time. That’s what I understood at first.

  • Because the way q the problem was proposed in my view it would not make sense to pass the password to someone. So I got it wrong

Browser other questions tagged android session software-architecture parse.com

You are not signed in. Login or sign up in order to post.