@@ -56,7 +56,7 @@ def open_session(request, conn, user_id):
raise HTTPException(status_code=403, detail=_('Account suspended'))
# TODO This is a terrible message because it could imply the attempt at
# logging in just caused the suspension.
- # TODO apply [options] max_sessions_per_user
+
sid = uuid.uuid4().hex
conn.execute(Sessions.insert().values(
UsersID=user_id,
@@ -13,7 +13,6 @@ passwd_min_len = 8
default_lang = en
default_timezone = UTC
sql_debug = 0
-max_sessions_per_user = 8
login_timeout = 7200
persistent_cookie_timeout = 2592000
max_filesize_uncompressed = 8388608
@@ -596,23 +596,6 @@ function try_login() {
/* Generate a session ID and store it. */
while (!$logged_in && $num_tries < 5) {
- $session_limit = config_get_int('options', 'max_sessions_per_user');
- if ($session_limit) {
- /*
- * Delete all user sessions except the
- * last ($session_limit - 1).
- */
- $q = "DELETE s.* FROM Sessions s ";
- $q.= "LEFT JOIN (SELECT SessionID FROM Sessions ";
- $q.= "WHERE UsersId = " . $userID . " ";
- $q.= "ORDER BY LastUpdateTS DESC ";
- $q.= "LIMIT " . ($session_limit - 1) . ") q ";
- $q.= "ON s.SessionID = q.SessionID ";
- $q.= "WHERE s.UsersId = " . $userID . " ";
- $q.= "AND q.SessionID IS NULL;";
- $dbh->query($q);
- }
-
$new_sid = new_sid();
$q = "INSERT INTO Sessions (UsersID, SessionID, LastUpdateTS)"
." VALUES (" . $userID . ", '" . $new_sid . "', " . strval(time()) . ")";