I don't think you can achieve this in the way you want to, i.e. have "registered devices".
In order to have a registered device you would need a unique way to identify the device being used. This becomes difficult with a web application because you don't have access to enough of the device's information to get a unique identifier - you may be able to get something that is
probably unique enough but, unreliable at best.
So you might think to create a unique cookie that identifies the machine. That cookie is known by your server app (stored in DB) and can be used to authenticate all requests from that machine - simple enough. The problem is that cookies are accessible, modifiable and copy-able... so not a great solution. Not to mention they can easily be lost by the browser and then you have the pain of having to fix the problem for your user.
If you were happy with the risks of either then maybe you can do something. Grab all information you can get from the client machine and try to build a unique id.
Something like suggested here.[
^] Then use that to identify the machine - just don't expect it to be flawless.
However, my suggestion would be to forget the approach you are taking and instead look at limited the number of concurrent connections. This can easily be done with any type of token based authentication...
Every time a user logs in, you store the new token in your DB as "valid" and you make sure to invalidate all other previous tokens from the list (just delete them).
Then when you get a request to handle, you can check the authentication token and make sure it is a valid one.
Submit an article or tip