0

我通过将他们的 ID 存储在session[user].

我不希望用户从多个设备上的一个帐户登录。我希望该站点在用户登录时使其他会话过期。

我怎么做?

4

2 回答 2

2

The default session in Sinatra is just an alias for the underlying Rack session object. You need to use Rack::Session::Cookie directly instead of enable :sessions to set options like expiration (as described in the Sinatra FAQ: How Do I Use Sessions?):

# config.ru
use Rack::Session::Cookie, :key => 'rack.session',
                           :domain => 'foo.com',
                           :path => '/',
                           :expire_after => 2592000, # In seconds
                           :secret => 'change_me'   
于 2013-06-05T04:34:44.150 回答
1

You could use some caching store (like Memcached/Redis/Database) to keep record of logged in user as a key-value pair of userid to sessionid. In the code block where you create new session, check if key exists. If it does, expire the session id. Create new session and store the session id against the key.

Note I have not implemented exactly the same use case, but have done something similar using memcached. Using service like memcache to store this kind of information is much faster than using database.

于 2013-06-05T12:16:50.170 回答