Description
Currently we have a security policy to not allow concurrent logins for same user login.
Can we enquire if there is such a feature to disallow concurrent login for the same user at the same time?
Steps to reproduce:
-
- Login as any user at the following host:
https://self-hosted rocketchat.com
-
Login as the same user in a different browser or incognito/private mode.
-
The functions could be interacted with in both sessions.
Server Setup Information
- Version of Rocket.Chat Server: v6.9.2
- Operating System: Linux System
- Deployment Method: Docker
- Number of Running Instances: 1 Server & 1 Database instance
- NodeJS Version: 14.21.3
- MongoDB Version: 6.0.15
Things to note:
- We are running rocketchat integration with LDAP
reetp
2
Hi,
What licence are you using? There may be something in Pro/EE but I am not sure.
You might be able to with 2FA - check under Settings/Accounts. Not sure there is another method.
Bear in mind people may use a desktop and mobile application at the same time?
Hi,
Thank you for the quick response!
We are actually on the free community version and our setup is air-gapped. Hence, our users are not using mobile application to access.
Can we confirm that there is no such feature for the community edition at this point of time?
Thank You!
reetp
4
Not as far as I’m aware beyond 2FA which has token timeouts IIRC. Please check that.
I will double check but might a few days.
Hi,
Is there any update and can we get a confirmation there is no such feature of disabling concurrent login for the community edition?
Thank You!
reetp
6
I am waiting for an answer. I will get back to you when I can.
reetp
7
Answer is nothing beyond the 2FA settings mentioned above which you probably should check if you have high security requirements…
noted on the issue above.
So I can confirm apart from the 2FA that Rocketchat does not natively support the disable concurrent login feature, correct?
reetp
9
As per my previous.
It isn’t a feature in any version.
Not sure if you could somehow use custom JS, or if you would have to code something specific.
You could open a feature request here. A PR would be welcome!!
Hi Thank you for the response.
We will open a feature request in the future.
Thank You!
1 Like