How to enforce max active sessions in Next.js with better-auth?
Hey, I’m using Next.js with better-auth (Drizzle ORM + Postgres, Google OAuth only) and I want to implement a max active session feature.
I’d like to allow only one active session per user. Is it recommended to call await authClient.revokeOtherSessions() right after login in Next.js, or is there a better way to handle this?
What if I want to allow only the last 2 active sessions (i.e., revoke all older ones but keep the most recent 2)? Is there a built-in option for this, or should I manually do it?
Thanks!
1 Reply
You could probably do this with before hooks on the server side