Skip to main content
Solved

How to limit number of devices which are using the same user id?

  • November 17, 2021
  • 1 reply
  • 255 views
K
Forum|alt.badge.img+1

Hi there,

I want to know how should I be able to limit the number of devices with the same user id , and block the subscription provided after that on another device.

Like Netflix and Amazon does,  they only allow streaming on maximum 2 to 3 devices simultaneously on  there Standard plan.

Best answer by ryan

Hey @Kunal!

I think this is typically solved through whatever authentication provider your are using, or building something custom on your end to manage sessions.

The general flow could be:

  1. Customer logs in, you generate a “Session ID” and save it as the first item in an array on your customer object and in local storage on the device.
  2. If the “Session ID” array on the customer object in your database ever exceeds 3 (or however many devices you want to limit) throw out the oldest session ID.
  3. Every time the customer opens the app, check that the Session ID in local storage exists in the Session ID array on the customer object from your database. If not, log out the customer and make them re-authenticate (which would logout someone else).

There are ways customers could hack this, by sharing session IDs and overwriting local storage, but could be a good place to start for what you’re after.

Curious to hear if anyone else has implemented something similar.

View original
    Did this post help you find an answer to your question?

    1 reply

    ryan
    RevenueCat Staff
    Forum|alt.badge.img+9
    • ryan
    • RevenueCat Staff
    • 391 replies
    • Answer
    • November 18, 2021

    Hey @Kunal!

    I think this is typically solved through whatever authentication provider your are using, or building something custom on your end to manage sessions.

    The general flow could be:

    1. Customer logs in, you generate a “Session ID” and save it as the first item in an array on your customer object and in local storage on the device.
    2. If the “Session ID” array on the customer object in your database ever exceeds 3 (or however many devices you want to limit) throw out the oldest session ID.
    3. Every time the customer opens the app, check that the Session ID in local storage exists in the Session ID array on the customer object from your database. If not, log out the customer and make them re-authenticate (which would logout someone else).

    There are ways customers could hack this, by sharing session IDs and overwriting local storage, but could be a good place to start for what you’re after.

    Curious to hear if anyone else has implemented something similar.

    F
    1 person likes this
    • F
      Frederik

    Reply


    Most helpful members this week

    Terms & ConditionsCookie settings

    Cookie policy

    We use cookies to enhance and personalize your experience. If you accept you agree to our full cookie policy. Learn more about our cookies.

     
    Cookie settings