Loggedin – Limit Active Logins

FAQ

How can I set the limit, and where? 🤔

This plugin does not have a seperate settings page. But we have one configural settings to let you set the login limit.

1. Go to Settings page in admin dashboard.
2. Scroll down to see the section 🔐 Loggedin.
3. Set the maximum number of active logins a user can have in Maximum Active Logins option.

Can I somehow allow new logins when the limit is reached? 🤔

You can forcefully logout the user from other devices and allow new login.

1. Go to Settings page in admin dashboard.
2. Scroll down to see the section 🔐 Loggedin.
3. Select the Login Logic as Allow.

Can I block the new logins when the limit is reached? 🤔

You block the new logins when the user is logged in from maximum no. of devices according to the limit you set.

1. Go to Settings page in admin dashboard.
2. Scroll down to see the section 🔐 Loggedin.
3. Select the Login Logic as Block.
4. Now user will have to wait for the other login sessions to expire before login from new device.

How long a login session exist? How long the user needs to wait for new login? 🤔

That depends. If the “Remember Me” box is checked while login, WordPress will keep the user logged in for 14 days by default. If “Remember Me” is not checked, 2 days will be the active login session time.

You can change that period using, auth_cookie_expiration filter.

function loggedin_auth_cookie_expiration( $expire ) {
    // Allow for a month.
    return MONTH_IN_SECONDS;
}

add_filter( 'auth_cookie_expiration', 'loggedin_auth_cookie_expiration' );

How can I forcefully logout a user from all devices? 🤔

You can forcefully logout a user from all the devices he has logged into. Get his WordPress user ID and,

1. Go to Settings page in admin dashboard.
2. Scroll down to see the section 🔐 Loggedin.
3. Enter user ID of the user you would like to logout.
4. Click Force Logout.

Can I bypass this limit for certain users or roles? 🤔

Yes, of course. But this time you are going to add few lines of code. Don’t worry. Just copy+paste this code in your theme’s functions.php file or in custom plugin:

function loggedin_bypass_users( $bypass, $user_id ) {
    // Enter the user IDs to bypass.
    $allowed_users = array( 1, 2, 3, 4, 5 );

    return in_array( $user_id, $allowed_users );
}

add_filter( 'loggedin_bypass', 'loggedin_bypass_users', 10, 2 );

Or if you want to bypass this for certain roles:

function loggedin_bypass_roles( $prevent, $user_id ) {
    // Array of roles to bypass.
    $allowed_roles = array( 'administrator', 'editor' );

    $user = get_user_by( 'id', $user_id );

    $roles = ! empty( $user->roles ) ? $user->roles : array();

    $bypassed = array_intersect( $roles, $allowed_roles );

    return ! empty( $bypassed );
}

add_filter( 'loggedin_bypass', 'loggedin_bypass_roles', 10, 2 );