public void CheckExceededMaxConcurrent(string username, System.Web.HttpSessionStateBase session)
{
if (!string.IsNullOrWhiteSpace(username))
{
_userDataAccess = new UserDataAccess(_context);
if (session["sessionid"] == null)
{
session["sessionid"] = "empty";
}
// check to see if your ID in the Logins table has LoggedIn = true - if so, continue, otherwise, redirect to Login page.
if (_userDataAccess.IsYourLoginStillTrue(username, (session["sessionid"] as string)))
{
// check to see if your user ID is being used elsewhere under a different session ID
if (!_userDataAccess.IsUserLoggedOnElsewhere(username, (session["sessionid"] as string)))
{
// Do nothing
}
else
{
// if it is being used elsewhere, update all their Logins records to LoggedIn = false, except for your session ID
_userDataAccess.LogEveryoneElseOut(username, (session["sessionid"] as string));
}
}
else
{
// Go to Login page
session["sessionid"] = null;
}
}
else
{
// Go to Logout page
session["sessionid"] = null;
session.Clear();
session.Abandon();
session.RemoveAll();
}
}
