Prevent double logins

If a user logs in from firefox, and then opens a copy of internet
explorer and logs in there too, how can I log them out of the firefox
session?

i.e. never allow the same user to be logged in in more than 1 place at
a time.

I’d have to know the session id of the first session and somehow get
into memcached’s hash and remove that session.

So I guess upon login I’ll grap the session id (from request.cookie?)
and update the user’s database record with the session id. Then upon
another login construct the same key memcached uses for the session (is
it just the session id? or some prefix/suffix added?) and call
CACHE.delete(key).

Any thoughts? Thanks.