You're going to have to bend your constraints a bit to make this work.
First, give up on basic authentication. It does nothing to prevent multiple people from being logged in simultaneously.
An approach that might work relies on "branding" each browser with a unique cookie value. (merlyn has an
article that demonstrates how to do this.)
Once you can brand each browser, it's a matter of bookkeeping to ensure that only one browser is logged in at a time. The logic goes something like this:
- When a browser accesses a CGI in your "highlander" directory, the CGI first verifies that the browser has a unique id cookie. If unable to establish an id cookie, the CGI can deny service with an "Allow cookies!" message.
- Next, the CGI determines if anyone is already logged in. If so, the CGI spits back a "Sorry" response.
- If nobody is logged in, the browser presents a login form.
- When the form is submitted, the CGI first checks to see if anyone sneaked in in the meantime. If so, the CGI emits a "Sorry, not quick enough" response. Otherwise, the CGI verifies the username and password, then performs some bookkeeping to note that this particular browser is logged in. (There are race conditions here that you'll need to be careful with).
- When the CGI sees that the requesting browser is logged in, instead of a "login" form, it presents a "logout" button. When invoked, the logout action merely does a bit of bookkeeping to note that the given browser isn't logged in anymore.
- All access to "content" is via the same CGI. Keep the content in a directory that isn't web accessible.
You're still going to have to deal with logging out users who log in, then wander off to dinner. The CGI can do this by including a "last accessed" timestamp for the logged-in user, logging them out if the timestamp gets stale.
Posts are HTML formatted. Put <p> </p> tags around your paragraphs. Put <code> </code> tags around your code and data!
Titles consisting of a single word are discouraged, and in most cases are disallowed outright.
Read Where should I post X? if you're not absolutely sure you're posting in the right place.
Please read these before you post! —
Posts may use any of the Perl Monks Approved HTML tags:
- a, abbr, b, big, blockquote, br, caption, center, col, colgroup, dd, del, details, div, dl, dt, em, font, h1, h2, h3, h4, h5, h6, hr, i, ins, li, ol, p, pre, readmore, small, span, spoiler, strike, strong, sub, summary, sup, table, tbody, td, tfoot, th, thead, tr, tt, u, ul, wbr
You may need to use entities for some characters, as follows. (Exception: Within code tags, you can put the characters literally.)
| |
For: |
|
Use: |
| & | | & |
| < | | < |
| > | | > |
| [ | | [ |
| ] | | ] |
Link using PerlMonks shortcuts! What shortcuts can I use for linking?
See Writeup Formatting Tips and other pages linked from there for more info.