What about simply having a hash mapping usernames to their most recent session ID?
If the user is just logging on, update the hash. If the user is doing anything else, check to make sure that their current session matches the one in the hash.
| [reply] |
That's a good idea... but I must use memcached, as this code needs to run on a farm of webservers (each one pushing as much throughput as possible), with many memcached servers. This may be premature... but after reading the CGI::Session::Driver::memcached code, I believe, that in my case, it's unusable. It uses the sid as the key. This will fill up my 4G memcached space in no time. Since the sid is random, I won't have any practical method to age out sessions. I have already written my own driver to replace it. Thanks for your reply.
| [reply] |
Stop duplicate simultaneous logins.
| [reply] |