Issue #2985067: Allow to set session limit per user

src/Services/SessionLimit.php

@@ -2,23 +2,24 @@
 
 namespace Drupal\session_limit\Services;
 
+use Drupal\Core\Config\ConfigFactory;
+use Drupal\Core\Database\Connection;
+use Drupal\Core\Extension\ModuleHandler;
 use Drupal\Core\Messenger\MessengerInterface;
 use Drupal\Core\Routing\RouteMatchInterface;
 use Drupal\Core\Session\AccountInterface;
+use Drupal\Core\Session\AccountProxy;
 use Drupal\Core\Session\AnonymousUserSession;
+use Drupal\Core\Session\SessionManager;
 use Drupal\Core\Url;
 use Drupal\session_limit\Event\SessionLimitBypassEvent;
 use Drupal\session_limit\Event\SessionLimitCollisionEvent;
 use Drupal\session_limit\Event\SessionLimitDisconnectEvent;
+use Drupal\user\Entity\User;
 use Symfony\Component\EventDispatcher\EventDispatcherInterface;
+use Symfony\Component\EventDispatcher\EventSubscriberInterface;
 use Symfony\Component\HttpFoundation\RedirectResponse;
 use Symfony\Component\HttpKernel\KernelEvents;
-use Symfony\Component\EventDispatcher\EventSubscriberInterface;
-use Drupal\Core\Database\Connection;
-use Drupal\Core\Session\AccountProxy;
-use Drupal\Core\Session\SessionManager;
-use Drupal\Core\Extension\ModuleHandler;
-use Drupal\Core\Config\ConfigFactory;
 use Drupal\Core\Logger\LoggerChannelFactoryInterface;
 
 class SessionLimit implements EventSubscriberInterface {
@@ -478,9 +479,12 @@ class SessionLimit implements EventSubscriberInterface {
       }
     }
 
-    // @todo reinstate per user limits.
-
-    return $limit;
+    // If there is a session limit for this user, return it. Otherwise, return
+    // the limit based on the role.
+    // Note, $account could be a proxy or a fully loaded user entity, to ensure
+    // all fields are available just load it.
+    $user = User::load($account->id());
+    return $user->session_limit->value ?? $limit;
   }
 
   /**