Using node v12, Express 4, and connect-pg-simple
During our security evaluation is was discovered that if a user logs in successfully, and logs in again successfully, that the prior session remains valid.
I'd like for the second login to revoke the first session. Failure to do so means the user can be logged-in in two different browsers.