summaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
-rw-r--r--aurweb/routers/sso.py2
-rw-r--r--conf/config.defaults1
-rw-r--r--web/lib/acctfuncs.inc.php15
3 files changed, 1 insertions, 17 deletions
diff --git a/aurweb/routers/sso.py b/aurweb/routers/sso.py
index 2e4fbacc..73c884a4 100644
--- a/aurweb/routers/sso.py
+++ b/aurweb/routers/sso.py
@@ -56,7 +56,7 @@ def open_session(request, conn, user_id):
raise HTTPException(status_code=403, detail=_('Account suspended'))
# TODO This is a terrible message because it could imply the attempt at
# logging in just caused the suspension.
- # TODO apply [options] max_sessions_per_user
+
sid = uuid.uuid4().hex
conn.execute(Sessions.insert().values(
UsersID=user_id,
diff --git a/conf/config.defaults b/conf/config.defaults
index 49259754..98e033b7 100644
--- a/conf/config.defaults
+++ b/conf/config.defaults
@@ -13,7 +13,6 @@ passwd_min_len = 8
default_lang = en
default_timezone = UTC
sql_debug = 0
-max_sessions_per_user = 8
login_timeout = 7200
persistent_cookie_timeout = 2592000
max_filesize_uncompressed = 8388608
diff --git a/web/lib/acctfuncs.inc.php b/web/lib/acctfuncs.inc.php
index b3822eaf..bc603d3b 100644
--- a/web/lib/acctfuncs.inc.php
+++ b/web/lib/acctfuncs.inc.php
@@ -596,21 +596,6 @@ function try_login() {
/* Generate a session ID and store it. */
while (!$logged_in && $num_tries < 5) {
- $session_limit = config_get_int('options', 'max_sessions_per_user');
- if ($session_limit) {
- /*
- * Delete all user sessions except the
- * last ($session_limit - 1).
- */
- $q = "DELETE FROM Sessions ";
- $q.= "WHERE UsersId = " . $userID . " ";
- $q.= "AND SessionID NOT IN (SELECT SessionID FROM Sessions ";
- $q.= "WHERE UsersID = " . $userID . " ";
- $q.= "ORDER BY LastUpdateTS DESC ";
- $q.= "LIMIT " . ($session_limit - 1) . ")";
- $dbh->query($q);
- }
-
$new_sid = new_sid();
$q = "INSERT INTO Sessions (UsersID, SessionID, LastUpdateTS)"
." VALUES (" . $userID . ", '" . $new_sid . "', " . strval(time()) . ")";