Create a web service that your application connects to, which will create a unique session id for each connection made. The service could be written in basically any web language that will allow post/get requests and such. So something like C#/WPF, PHP, etc. will work fine.
The service will have some basic things such as:
- createSessionToken(); [Returns string] - Creates a new token for the unique application connection. (Call when the app is started.)
- deleteSessionToken( token ); - Deletes the session token for this application. (Call when the app is closed.)
- updateSessionToken( token ); - Updates the timeout for the given token. (Called to keep the session active.)
- getActiveTokenCount(); [Returns integer] - Obtains a count of all active connections.
On the web-service, you'd have some sort of cron-job running every so often to automatically remove stale sessions that are not being updated properly. Such as having a server-sided timeout of 15minutes or something, but have the application update the session once every 5-10 minutes to avoid being removed.
Then your database the service uses could be something simple like:
- session_token : text (primary key) (Store the created session id.)
- session_timeout : BIGINT (Stores a unix timestamp of the last pinged update.)
- session_owner : text (Stores the owner IP of the session. Can be used to prevent the same IP from creating multiple sessions.)
So then a quick rundown of what would happen would be:
- Application starts; calls the web service 'createSessionToken()' function.
- Application obtains a unique session token from the service.
- Application calls the web service 'updateSessionToken( token )' function to keep the session marked as active.
- Application closes; calls the web service 'deleteSessionToken( token )' function to remove the session gracefully.
On the service end, you'd have things setup like:
createSessionToken would check the current session table for any sessions active by the requesting IP address. If found is found, update the timeout on it then return that already created session string instead of making a new one. This way you have 1 session per-IP. (If you want it that way of course.)
deleteSessionToken would delete the session from the database that matches the string given.
updateSessionToken would locate the session in the database and update the timeout for it with the current system timestamp.
getActiveTokenCount would just return a count of all sessions in the session table.