Closed EgMan closed 2 years ago
For now, you can have unlimited sessions. I added an extra protection in that login_session now included the client IP, but I have no idea how that works with reverse proxies and such (doing testing now)
Actually, I'm removing the ip address check. Doesn't really provide much security and is annoying for roaming users. Still storing ip address with login session though.
Instead of having just one session, we like 3 maybe