我看到至少有4个用户提出了这个问题，所以我决定创建护照策略为此。新策略称为护照 - 每用户一个用户。您可以访问这里的开源策略： https://github.com/AminaG/护照 - 一人一用户

I saw that at least 4 users upvote this question, so I decided to create passport-strategy for that. The new strategy called passport-one-session-per-user. It's open source strategy you can access here: https://github.com/AminaG/passport-one-session-per-user

如何使用？在 session 之后添加它。例如：

How to use it? add it right after session. For example:

app.use(passport.session())
var passportOneSessionPerUser=require('passport-one-session-per-user')
passport.use(new passportOneSessionPerUser())
app.use(passport.authenticate('passport-one-session-per-user'))

不需要设置或配置。

如何工作？

策略创建了一个包含串行用户对象和sessionID的数组。

The strategy, created an array that contain serializaed user objects, and sessionID.

每次用户登录时，策略都会检查用户是否已经登录，如果是，则标记其他会话。下一次在另一个会话中的用户发出请求时，策略将看到该标志，并将该用户登录。

Every time user logged in, the strategy check if the user already logged in. If so, it's flag the other session. The next time the user in the other session make a request, the strategy see the flag, and log the user out.