Laravel 5.6 - Prevent Block Multiple Login Of Same Credentials

Today we are share with you one common but verry important tutorial how to prevent block multiple login of same credentials in laravel application using laravel session token key and google firebase. yes you can done this type functionality using laravel seeeion key and google firebase. in this tutorials we are also use google firebase because when user login in your laravel application from another PC or device then another login user automatic logout without page refresh. it is also possible only use of laravel session key and token but one problem with laravel session key user must be page refresh then after logout not without page refresh. so, here we are also use google firebase and done prevent block multi login in laravel application.

Recently we are work one laravel application and during done this project we are required prevent block multi login of same credentials with without page refresh. then we can done this using firebase and laravel token key.

First we are searching on google but i was not find any perfect logic for this so, i apply my own logic and built this type functionality because i also know google firebase very well.

Simply follow this step and you can built this type functionality in your laravel application. if you don't know more about google firebase then this link may be help you https://laravelcode.com/post/how-to-create-google-firebase-project

You can also check our video link here YouTube Video

Change in Users Table Migration:

Now we are change in our users table migration and add one extra filed in users migration. if you already users table in your database then you can add one extra field in users table


use Illuminate\Support\Facades\Schema;
use Illuminate\Database\Schema\Blueprint;
use Illuminate\Database\Migrations\Migration;

class CreateUsersTable extends Migration
{
    /**
     * Run the migrations.
     *
     * @return void
     */
    public function up()
    {
        Schema::create('users', function (Blueprint $table) {
            $table->increments('id');
            $table->string('name');
            $table->string('email')->unique();
            $table->string('password');
            $table->string('session_id');
            $table->rememberToken();
            $table->timestamps();
        });
    }

    /**
     * Reverse the migrations.
     *
     * @return void
     */
    public function down()
    {
        Schema::dropIfExists('users');
    }
}	
	

After done this then run your migration using following command.


php artisan migrate	
	
Create Laravel Auth:

first we are create laravel bydefault auth using following command. if you already make auth then you can skip this step.


php artisan make:auth	
	

after run this command then look in you laravel application folder LoginController.php and some another files created automatic. but we are here use only LoginController.php file. because all login or logout logic you can write here and also overwrite all logincontroller method and function in this file.

Change in LoginController.php File:

Now, next step is change some in your app/Http/Controllers/Auth/LoginController.php file and simple copy and past following code in your LoginController


namespace App\Http\Controllers\Auth;

use App\Http\Controllers\Controller;
use Illuminate\Foundation\Auth\AuthenticatesUsers;
use Illuminate\Http\Request;
use App\Http\Requests;
use App\User;
use DB;

class LoginController extends Controller
{
    /*
    |--------------------------------------------------------------------------
    | Login Controller
    |--------------------------------------------------------------------------
    |
    | This controller handles authenticating users for the application and
    | redirecting them to your home screen. The controller uses a trait
    | to conveniently provide its functionality to your applications.
    |
    */

    use AuthenticatesUsers;

    /**
     * Where to redirect users after login.
     *
     * @var string
     */
    protected $redirectTo = '/home';

    /**
     * Create a new controller instance.
     *
     * @return void
     */
    public function __construct()
    {
        $this->middleware('guest')->except('logout');
    }

    public function login(Request $request)
    {
        $this->validate($request, [
            'email' => 'required',
            'password' => 'required',
        ]);

        $user = \DB::table('users')->where('email', $request->input('email'))->first();

        if (auth()->guard('web')->attempt(['email' => $request->input('email'), 'password' => $request->input('password')])) {

            $new_sessid   = \Session::getId(); //get new session_id after user sign in

            if($user->session_id != '') {
                $last_session = \Session::getHandler()->read($user->session_id); 

                if ($last_session) {
                    if (\Session::getHandler()->destroy($user->session_id)) {
                        
                    }
                }
            }

            \DB::table('users')->where('id', $user->id)->update(['session_id' => $new_sessid]);
            
            $user = auth()->guard('web')->user();
            
            return redirect($this->redirectTo);
        }   
        \Session::put('login_error', 'Your email and password wrong!!');
        return back();

    }

    public function logout(Request $request)
    {
        \Session::flush();
        \Session::put('success','you are logout Successfully');
        return redirect()->to('/login');
    }
}
	
Change in app.blade.php File:

Now, we are add our google firebase code in resources/views/layouts/app.blade.php file. this code help to you when another user login with same email and password then previous account logout automatic without page refresh.

Simply add following javascript google firebase code into the bottom of your app.blade.php file


<script src="https://www.gstatic.com/firebasejs/4.9.1/firebase.js"></script>
<script type="text/javascript">
var session_id = "{!! (Session::getId())?Session::getId():'' !!}";
var user_id = "{!! (Auth::user())?Auth::user()->id:'' !!}";

// Initialize Firebase
var config = {
    apiKey: "firebase.api_key",
    authDomain: "firebase.auth_domain",
    databaseURL: "firebase.database_url",
    storageBucket: "firebase.storage_bucket",
};
firebase.initializeApp(config);

var database = firebase.database();

if({!! Auth::user() !!}) {
    firebase.database().ref('/users/' + user_id + '/session_id').set(session_id);
}

firebase.database().ref('/users/' + user_id).on('value', function(snapshot2) {
    var v = snapshot2.val();

    if(v.session_id != session_id) {
        toastr.warning('Your account login from another device!!', 'Warning Alert', {timeOut: 3000});
        setTimeout(function() {
           window.location = '/login';
        }, 4000);
    } 
});
</script>
	

Now we are ready to run our example so run bellow command ro quick run:


php artisan serve

Now you can open bellow URL on your browser:

	
http://localhost:8000/login

Please also check our demo for realtime CRUD system.

We are hope you like this tutorials, if any question regarding any query please post your question in our forums click on bellow link Laravelcode's Forums

 Prev post

Next post