The uproach that Bachov shared can do the work. Of course there could be many variations to it, no need to match session id with the log in id , if you have an architecture that provides different log in ids for each user , and therefore no reason to delete session after log out.
But to be honest it is one of the issues that the solution has to do with how really you mean the “log out” and how important is this for your app. Most users will not even push a log out button, or they will close the tab, the window, the browser or even let it open until session expires (don’t think about onunload event) . So if you really mean it that you want to know the log in time there is a cost to that, for example an AJAX call every x seconds just saying that me with log in id X I am still here.
I am one of those that really anxious of how WebSockets will change the way we work. If we suppose that this technology is available to anyone through any browser, in the same way, then these tasks can be done through that , without even the use of AJAX . How big the cost will be is just a debating subject ( I have done my tests so far but I don’t have a definite answer since this is just emerging).