So, I've grasped the basics of login, however I'm looking to make it so only one user can be logged in to an account at one time. How could I go about achieving this do you think?

All you would need is to query a single BOOL inside of a database that is switched on and off on login/logout.

Hmm. It's cookie based right now. What about when the cookies expire?

The cookie is client side. You have to record someplace on your server that someone with that cookie is currently on.
And that brings another problem. When is someone logged out ?
Is it when they click a "logout" button/links, after x minutes of inactivity, both ???

This question is still there if you record on a database who is online/offline, but due to the nature of the web, if someone is logged on your site, and simply browse away to another site, what do you do ?
If you want to prevent his loggin from being used several places at the same time, he could maybe come back later to find himself locked out because he has not clicked on "log out".
Another problem I was confronted some years ago: IE can be setup to use new sessions on every ctrl+n.
In the case of a session based login, 2 windows of IE on the same computer would be seen like 2 different login, because of this setting.