@demon There’s no way right now to invalidate the session token which would be authorized on the other device without it being done by the game client code. You could handle the socket disconnect and observe the leave reason and based on that issue a logout from the game client itself.
Your use case’s requirements make a lot of sense to become an official solution. Can you open a feature request on the GitHub issue tracker for Nakama?