Sep 30, 2019 05:48 AM|Yongqing Yu|LINK
Nearly, but I think your approach is to determine whether the user has logged in already and if their session hasn't time out yet, stop them logging in again, but given that the timeout period is 20 minutes, that could be a pain if you login in, close your
browser then try to login in again.. you'd have to wait 20 mins to get anywhere.
When you close the browser, although the content of the cache is not cleared, the content of the session has been cleared.
So when you log in to the page, you need to judge at the same time, if the cache is not null, and the session is not null, then remind the user not to log in.
If the cache value is not null and the session value is null, the user is allowed to log in.