I've found a few questions related to preventing duplicate logins but all the answers are years old and reference upcoming features.
"it's possible to add a Cloud Script-based "is the player already logged in" check for until we support blocking second-screen sign-ins."
"We do plan to provide a token-based login, to make this easier in future. We do not have a date for that, but it is in the backlog for prioritization as soon as the entity architecture update is completed."
I'd like to know if these features are currently available or is the best-practice to still use Cloud Script to write our own "current session" token and refresh it every 2 minutes or so while rejecting new logins until the "current session" expires?