I want to prevent simultaneous login from different computers to the same account in my .Net core Web Api and Angular 12 project. How should I go about this?

CodePudding user response：

If there is an existing user, will the new user be blocked?
Decide whether to disconnect the authentication of the existing user?


Block new logins:
The company I worked for implemented it via "SignalR".
If the user does not respond, it is considered hung and the DB is updated.


Break existing login :
In the new project
Designate a 'secret key' for each user
By changing this 'secret key',
Existing users (access tokens) are expiring.

If you do not need to disconnect immediately, you can solve the problem by clearing the refresh token.

CodePudding user response：

Try adding a column in DB for login status of the user and using that you can restrict multiple login