ok,
I am going to use the insight method,
So far I got this,
1st time user1 is loggin in from device1 > authenticated.
2nd time user1 is logging in form device2 > denied. Which is fine.
But if the user2 is logging in from device1 (user1 already logged in from device1) > authenticated (I want this to be denied).
This is what I dont want, once a user1 log in from a device1 it would get register for that particular user. Other user (user2) should not be able to login from that device (device1).
Also how many days insight repository will cache the auth session details.