From 4f305d7a0d67f4b6a677f3229815ab54866bd6be Mon Sep 17 00:00:00 2001
From: Akhil Narang <me@akhilnarang.dev>
Date: Tue, 24 Feb 2026 14:24:19 +0530
Subject: [PATCH] fix: allow one session per user should override simultaneous
 sessions (for non-admins)

Update description to match

Signed-off-by: Akhil Narang <me@akhilnarang.dev>
---
 frappe/auth.py                                           | 6 +++++-
 frappe/core/doctype/system_settings/system_settings.json | 3 +--
 2 files changed, 6 insertions(+), 3 deletions(-)

diff --git a/frappe/auth.py b/frappe/auth.py
index 5a447a99af..1658930317 100644
--- a/frappe/auth.py
+++ b/frappe/auth.py
@@ -253,7 +253,11 @@ class LoginManager:
 		):
 			return
 
-		clear_sessions(frappe.session.user, keep_current=True)
+		clear_sessions(
+			frappe.session.user,
+			keep_current=True,
+			force=frappe.session.user != "Administrator",
+		)
 
 	def authenticate(self, user: str | None = None, pwd: str | None = None):
 		from frappe.core.doctype.user.user import User
diff --git a/frappe/core/doctype/system_settings/system_settings.json b/frappe/core/doctype/system_settings/system_settings.json
index c1aa3fb0d7..75d1bd978a 100644
--- a/frappe/core/doctype/system_settings/system_settings.json
+++ b/frappe/core/doctype/system_settings/system_settings.json
@@ -248,7 +248,6 @@
   },
   {
    "default": "0",
-   "description": "Note: Multiple sessions will be allowed in case of mobile device",
    "fieldname": "deny_multiple_sessions",
    "fieldtype": "Check",
    "label": "Allow only one session per user"
@@ -790,7 +789,7 @@
  "icon": "fa fa-cog",
  "issingle": 1,
  "links": [],
- "modified": "2026-01-02 18:13:45.430712",
+ "modified": "2026-02-24 14:27:04.763075",
  "modified_by": "Administrator",
  "module": "Core",
  "name": "System Settings",