[eluser]TheFuzzy0ne[/eluser]
Just store it in the database:
user_id | ip_address
When the user logs in, update the IP address. Check on each following request that the IP address matches the one in the database, if it doesn't, someone else has logged in (thus changing the IP address), so log the other user out on his next request.
EDIT: You could also change the field to reflect the user agent instead, so logging on with a different browser would also kill the old session on the next request.