Single-user login restrictions (single-point logon ??)

Ideas:

1. log on to the console and check whether the current user ID is active.

If it is not in the active status, record the Sessionid, user ID, and LastTime (UserOnline) of the current user)

If the user is active, the system prompts that the user has logged on. Secondary Logon is prohibited.

2. Keep communication --> after a user successfully logs on to the console, the user's activity status is kept in progress (communicates with the server every 2 seconds, and record the user's last communication time (update LastTime = getdate ())

The server determines the status of the current user in UserOnline based on the user ID and the current session ID during the entire night.

If the user is inactive, the feedback status is 0 and the page is forced to jump to the login page.

If it is in the active status, but the user ID and (Sessionid) and (UserOnline) are in the illegal login feedback status 0 and force the page to jump to the login page

 

3. The server (or SQL) regularly checks and cleans up UserOnline (users who have not communicated with the server for more than 10 seconds)

Implementation:

Continued: after one month of application, this method has a major problem:

Js restrictions, because asynchronous responses are implemented by Js. As a result, JS blocks the execution of other scripts (even if they are not on the same page) by default when Js pops up ),

That is to say, the JS pop-up window will be stopped when it is asynchronously returned. This requires further research ~~~

Sorry ~