TYPO3 framework allows easy creation of protected pages. These pages can be accessed only by the front end users, if they provide the correct username and password.

TYPO3 by default allows the same username and password to be used multiple times at a time, possibly from different computers scattered all over the Internet. If you would like to password protect in such way that a user can be logged in only once at a time, read on...

You will need to extend the tslib_feUserAuth class. If you have some extensions loaded which also extend this class, you might get conflicts.

To extend the tslib_feUserAuth class add the following line to the localconf.php:

$TYPO3_CONF_VARS["FE"]["XCLASS"]
   ["tslib/class.tslib_feuserauth.php"] = 
       PATH_site."class.ux_FrontEndUserExtension.php";

Create a file class.ux_FrontEndUserExtension.php with the following contents:

class ux_tslib_feUserAuth extends tslib_feUserAuth 
{      
   function createUserSession ($tempuser) {
      parent::createUserSession ($tempuser);

      // delete all other active sessions 
      // with the same username
      $GLOBALS['TYPO3_DB']->exec_DELETEquery(
         $this->session_table,
         'ses_id != '.$GLOBALS['TYPO3_DB']->fullQuoteStr(
                        $this->id, 
                        $this->session_table).
         'AND ses_userid = '.
            $GLOBALS['TYPO3_DB']->fullQuoteStr(
               $tempuser[$this->userid_column], 
               $this->user_table));
   }
}

Now whenever a user logins to a protected front end page, he will automatically logout the previously logged in user with the same username.

Bookmark now: