diff --git a/modules/member/lang/en.php b/modules/member/lang/en.php
index 2b4182497..e5685150f 100644
--- a/modules/member/lang/en.php
+++ b/modules/member/lang/en.php
@@ -202,6 +202,7 @@ $lang->cmd_password_hashing_algorithm = 'Password Hashing Algorithm';
$lang->cmd_password_hashing_work_factor = 'Password Hashing Work Factor';
$lang->cmd_password_hashing_auto_upgrade = 'Auto-upgrade Hashing Algorithm';
$lang->cmd_password_change_invalidate_other_sessions = 'Log out other devices on password change';
+$lang->cmd_login_invalidate_other_sessions = 'Log out other devices';
$lang->password_strength_low = 'low';
$lang->password_strength_normal = 'normal';
$lang->password_strength_high = 'high';
@@ -210,6 +211,7 @@ $lang->about_password_hashing_algorithm = 'You can choose how to encrypt (hash)
$lang->about_password_hashing_work_factor = 'Higher work factors are more secure, but logins may take a long time. This only applies to bcrypt and pbkdf2.';
$lang->about_password_hashing_auto_upgrade = 'Passwords encrypted using different algorithms will be automatically converted to the configured algorithm at next login.';
$lang->about_password_change_invalidate_other_sessions = 'Log out all other devices (browsers) when a member changes the password.';
+$lang->about_login_invalidate_other_sessions = 'Only allow login from one device. Previously used devices will be logged out automatically.';
$lang->about_password_strength['low'] = 'the password must be at least 4';
$lang->about_password_strength['normal'] = 'the password must be at least 6, and must have at least one alpha character and numeric characters';
$lang->about_password_strength['high'] = 'the password must be at least 8, and must have at least one alpha character, numeric character and special character ';
diff --git a/modules/member/lang/ko.php b/modules/member/lang/ko.php
index 2ef837d64..f7b29d2dc 100644
--- a/modules/member/lang/ko.php
+++ b/modules/member/lang/ko.php
@@ -209,6 +209,7 @@ $lang->cmd_password_hashing_algorithm = '비밀번호 암호화 알고리듬';
$lang->cmd_password_hashing_work_factor = '비밀번호 암호화 소요시간';
$lang->cmd_password_hashing_auto_upgrade = '알고리듬 자동 업그레이드';
$lang->cmd_password_change_invalidate_other_sessions = '비번 변경시 다른 기기 로그아웃';
+$lang->cmd_login_invalidate_other_sessions = '다른 기기 로그아웃';
$lang->password_strength_low = '낮음';
$lang->password_strength_normal = '보통';
$lang->password_strength_high = '높음';
@@ -217,6 +218,7 @@ $lang->about_password_hashing_algorithm = '회원들의 비밀번호를 DB에
$lang->about_password_hashing_work_factor = '시간이 오래 걸리는 알고리듬일수록 보안이 강하지만, 로그인이 오래 걸릴 수 있습니다. bcrypt 및 pbkdf2 알고리듬에만 적용됩니다.';
$lang->about_password_hashing_auto_upgrade = '설정된 알고리듬과 다른 방법으로 암호화된 비밀번호가 있으면 다음 로그인시 설정된 알고리듬으로 자동 변환합니다.';
$lang->about_password_change_invalidate_other_sessions = '비밀번호를 변경하면 현재 기기(브라우저)를 제외한 모든 로그인이 풀리도록 합니다.';
+$lang->about_login_invalidate_other_sessions = '한 번에 하나의 기기에서만 로그인할 수 있도록 합니다.';
$lang->about_password_strength['low'] = '비밀번호는 4자 이상이어야 합니다.';
$lang->about_password_strength['normal'] = '비밀번호는 6자리 이상이어야 하며 영문과 숫자를 반드시 포함해야 합니다.';
$lang->about_password_strength['high'] = '비밀번호는 8자리 이상이어야 하며 영문과 숫자, 특수문자를 반드시 포함해야 합니다.';
diff --git a/modules/member/member.admin.controller.php b/modules/member/member.admin.controller.php
index 772548524..2e813590e 100644
--- a/modules/member/member.admin.controller.php
+++ b/modules/member/member.admin.controller.php
@@ -491,8 +491,9 @@ class memberAdminController extends member
'enable_login_fail_report',
'max_error_count',
'max_error_count_time',
+ 'login_invalidate_other_sessions',
'after_login_url',
- 'after_logout_url'
+ 'after_logout_url',
);
if(!count($args->identifiers))
diff --git a/modules/member/member.controller.php b/modules/member/member.controller.php
index d86f994bc..95da46058 100644
--- a/modules/member/member.controller.php
+++ b/modules/member/member.controller.php
@@ -2447,7 +2447,6 @@ class memberController extends member
// Update the latest login time
$args->member_srl = $member_info->member_srl;
$output = executeQuery('member.updateLastLogin', $args);
-
self::clearMemberCache($args->member_srl);
// Check if there is recoding table.
@@ -2507,9 +2506,17 @@ class memberController extends member
Rhymix\Framework\Session::setAutologinKeys(substr($random_key, 0, 24), substr($random_key, 24, 24));
}
}
-
+
+ // Log in!
Rhymix\Framework\Session::login($member_info->member_srl);
$this->setSessionInfo();
+
+ // Log out all other sessions if so configured.
+ if ($config->login_invalidate_other_sessions === 'Y')
+ {
+ Rhymix\Framework\Session::destroyOtherSessions($member_info->member_srl);
+ }
+
return $output;
}
diff --git a/modules/member/tpl/login_config.html b/modules/member/tpl/login_config.html
index 3345c4bca..b29ea72d6 100644
--- a/modules/member/tpl/login_config.html
+++ b/modules/member/tpl/login_config.html
@@ -43,6 +43,14 @@