Alternative would be to grant "VIEW DATABASE STATE" to the user (or better, db role) in each database you want that login to view the sessions.

After that, you do not need a special procedure, they can call sp_who2 directly and see only sessions on databases you have granted to.

That is less secure than signing method because VIEW DATABASE STATE permission also grants access to dmv's (limited to that databases), which might be not what you want.