Reuse a session table entry if a user already has one.

git-svn-id: https://samskivert.googlecode.com/svn/trunk@1877 6335cc39-0255-0410-8fd6-9bcaacd3b74c
This commit is contained in:
mdb
2006-07-14 03:33:27 +00:00
parent b2d95a9541
commit 1805b5b9e3
2 changed files with 44 additions and 13 deletions
@@ -269,8 +269,8 @@ public class UserManager
HttpServletRequest req, HttpServletResponse rsp)
throws PersistenceException
{
// generate a new session for this user
String authcode = _repository.createNewSession(user, persist);
// register a session for this user
String authcode = _repository.registerSession(user, persist);
// stick it into a cookie for their browsing convenience
Cookie acookie = new Cookie(_userAuthCookie, authcode);
// strip the hostname from the server and use that as the domain
@@ -42,6 +42,7 @@ import com.samskivert.jdbc.jora.FieldMask;
import com.samskivert.jdbc.jora.Table;
import com.samskivert.util.HashIntMap;
import com.samskivert.util.StringUtil;
import com.samskivert.util.Tuple;
import com.samskivert.servlet.SiteIdentifier;
@@ -276,27 +277,57 @@ public class UserRepository extends JORARepository
}
/**
* Creates a new session for the specified user and returns the
* randomly generated session identifier for that session. Temporary
* sessions are set to expire at the end of the user's browser
* session. Persistent sessions expire after one month.
* Creates a new session for the specified user and returns the randomly
* generated session identifier for that session. If a session entry
* already exists for the specified user it will be reused.
*
* <p> Temporary sessions are set to expire in two days (the assumption is
* that the browser will be given a non-persistent cookie and we should
* prune the session table entry after some reasonable amount of time),
* persistent sessions expire after one month.
*/
public String createNewSession (final User user, boolean persist)
public String registerSession (final User user, boolean persist)
throws PersistenceException
{
// generate a random session identifier
final String authcode = UserUtil.genAuthCode(user);
// figure out when to expire the session
Calendar cal = Calendar.getInstance();
cal.add(Calendar.DATE, persist ? 30 : 2);
final Date expires = new Date(cal.getTime().getTime());
// insert the session into the database
// look for an existing session for this user
Tuple<Integer,String> session = execute(
new Operation<Tuple<Integer,String>>() {
public Tuple<Integer,String> invoke (
Connection conn, DatabaseLiaison liaison)
throws PersistenceException, SQLException
{
Statement stmt = conn.createStatement();
try {
String query = "select sessionId, authcode from sessions " +
"where userId = " + user.userId;
ResultSet rs = stmt.executeQuery(query);
while (rs.next()) {
return new Tuple<Integer,String>(
rs.getInt(1), rs.getString(2));
}
return null;
} finally {
JDBCUtil.close(stmt);
}
}
});
// if we found one, update its expires time and reuse it
if (session != null) {
update("update sessions set expires = '" + expires + "' " +
"where sessionId = " + session.left);
return session.right;
}
// otherwise create a new one and insert it into the table
String authcode = UserUtil.genAuthCode(user);
update("insert into sessions (authcode, userId, expires) values('" +
authcode + "', " + user.userId + ", '" + expires + "')");
// and let the user know what the session identifier is
return authcode;
}