User Session Management and Monitoring

The Drupal User Session Management Module gives you complete control over how your users can interact with your website. allows users to view all their active sessions and provides administrators with the ability to control the session limit, ensuring that only a configured number of concurrent sessions are permitted. Additionally, the module can automatically log out users after a period of inactivity. Acting as a robust session manager, this module offers comprehensive features to streamline session oversight and control.

See it in action - Sandbox Environment

What you can do with this module -

• Custom Session Lifetime: Control and set custom time durations for session validity, allowing changes to the default 23-day session lifetime for users.
• Concurrent Session Control: Restrict the number of concurrent user sessions. Define maximum sessions that can exist simultaneously. This can be applied as a globally setting or for specific user, group or role.
• Active Session Control: Enable users to view all their currently active sessions on a Drupal site and delete any sessions they don't recognize.
• Session History and Auditing: Allows users to check their session history, review their recent login activities, and take action if any suspicious activities are detected.
• Admin control over user session: Allow administrators to view all active sessions and the session history of all users. Administrators can delete any suspicious sessions and terminate all sessions for a specific user if needed.
• Session monitoring: Dive into detailed user session logs for enhanced monitoring and analysis. Eg. Login/Logout time, IP address, Active time, Device, Browser, Last seen, Login status
• Auto logout user: Automatically logout the user after a certain period of inactivity.
• Time-based access controls: Assign users role access for a particular period.
• Terminate user sessions on password modification: Instantly terminate all active user sessions upon modification of their password. This feature ensures real-time synchronization between password changes and session access.
• Terminate session on browser close: End a user session automatically when the browser is closed.
• IP-Based active sessions: Limit the number of active sessions from a specific IP address for a particular user. If they cross the session limit from a single IP address they will not be allowed to login.
• IP-Based session restriction: Blacklist or whitelist the list of IPs to prevent or allow user login based on the IP address.
• Single-click logout of all active sessions: Allows users to log out from all active sessions or devices with a single click.