It's a different aspect, refreshToken only helps you secure the application more properly compare to using 1 accessToken. If you want to restrict one user per device, you need to save users' info whenever they log in and confront it with newer info.
For further actions, you may consider blocking this person and/or reporting abuse
We're a place where coders share, stay up-to-date and grow their careers.
If I understood correctly you can not be logged in on multiple devices because there is only one refresh token per user?
It's a different aspect, refreshToken only helps you secure the application more properly compare to using 1 accessToken. If you want to restrict one user per device, you need to save users' info whenever they log in and confront it with newer info.