I recently did this.
My solution was to set the session value when a user logs in. Then I had a small class checking if the session ID stored is the same as the current user who is logged in.
If the user logs in from somewhere else the session ID in the DB will update and the "older" user will be logged out.
I didn't alter the Auth driver or anything, just put it on top when the user logs in. Below happens when login is successful:
$user->last_session = session_id();
$user->save();
To check if the session is valid I used below
if(session_id() != Auth::user()->last_session){
Auth::logout();
return true;
}
As you can see I added a column in the users table called last_session
与恶龙缠斗过久,自身亦成为恶龙;凝视深渊过久,深渊将回以凝视…