I assume your current use case is as follows:
- The user opens a browser tab, loads your application page and logs in.
Then the user opens the second tab of the browser, loads your application page and already logs in (since the browser has the same cookies for all tabs or windows).
And you want to limit the user so that when loading the second tab a warning message appears instead: "You are already logged in to this site elsewhere, use this window or if you no longer have this window open, click here to log out and log in again.
Most solutions will use a one-time token for the application instance along with the session. If your application loads on one page and presents the user with a login window, then when the user logs in, you can send a one-time token, save it in a javascript variable and send it with all server requests. If the user downloads the application to a new tab, they request their initial data, and the server can generate a response saying that there is no token, and he needs to log out, close the window or switch to the already registered window.
Thus, the answer is important that you want to store a random string in your session on the server, submit it to the user when you log in, and check that each request has otherwise bounced them to the exit page. And in javascript of the web client, store this token and send it with each request to the server.