tappleby · frg · Feb 20, 2015
diff --git a/src/Tappleby/AuthToken/AuthTokenController.php b/src/Tappleby/AuthToken/AuthTokenController.php
@@ -31,12 +31,14 @@ class AuthTokenController extends Controller {
 	 * @var \Illuminate\Events\Dispatcher
 	 */
 	protected $events;
+  public static $maxSimLogins;
 
-	function __construct(AuthTokenDriver $driver, \Closure $credentialsFormatter, Dispatcher $events)
+  function __construct(AuthTokenDriver $driver, \Closure $credentialsFormatter, Dispatcher $events, $maxSimLogins)
   {
     $this->driver = $driver;
-	  $this->credentialsFormatter = $credentialsFormatter;
-	  $this->events = $events;
+    $this->credentialsFormatter = $credentialsFormatter;
+    $this->events = $events;
+    self::$maxSimLogins = $maxSimLogins;
   }
 
   protected function getAuthToken() {

diff --git a/src/Tappleby/AuthToken/AuthTokenServiceProvider.php b/src/Tappleby/AuthToken/AuthTokenServiceProvider.php
@@ -42,9 +42,10 @@ public function register()
 		$app->bind('Tappleby\AuthToken\AuthTokenController', function ($app) {
 			$driver = $app['tappleby.auth.token']->driver();
 			$credsFormatter = $app['config']->get('laravel-auth-token::format_credentials', null);
+			$maxSimLogins = $app['config']->get('laravel-auth-token::max_simaltaneous_logins', 1);
 			$events = $app['events'];
 
-      return new AuthTokenController($driver, $credsFormatter, $events);
+      return new AuthTokenController($driver, $credsFormatter, $events, $maxSimLogins);
 		});
 	}
 

diff --git a/src/Tappleby/AuthToken/DatabaseAuthTokenProvider.php b/src/Tappleby/AuthToken/DatabaseAuthTokenProvider.php
@@ -114,8 +114,24 @@ public function purge($identifier)
       $identifier = $identifier->getAuthIdentifier();
     }
 
-    $res = $this->db()->where('auth_identifier', $identifier)->delete();
+    $toDelete = $this->db()->where('auth_identifier', $identifier)
+                      ->orderBy('created_at', 'DSC')
+                      ->skip(AuthTokenController::$maxSimLogins - 1)
+                      ->take(999999999999) // limit of table?
+                      ->get();
+
+    if (count($toDelete) > 0) {
+      foreach ($toDelete as $key => $authToken) {
+        $this->db()
+              ->where('auth_identifier', $authToken->auth_identifier)
+              ->where('public_key', $authToken->public_key)
+              ->where('private_key', $authToken->private_key)
+              ->delete();
+      }
+    } else {
+      return  0;
+    }
 
-    return $res > 0;
+    return 1;
   }
 }
diff --git a/src/config/config.php b/src/config/config.php
@@ -12,5 +12,6 @@
 			'email' => $username,
 			'password' => $password
 		);
-	}
+	},
+	'max_simaltaneous_logins' => 3
 );