Added the facilities for persistent sessions which last 30 days rather
than one day. Also fixed a bug with pruning expired sessions. git-svn-id: https://samskivert.googlecode.com/svn/trunk@120 6335cc39-0255-0410-8fd6-9bcaacd3b74c
This commit is contained in:
@@ -1,5 +1,5 @@
|
||||
//
|
||||
// $Id: UserManager.java,v 1.4 2001/03/02 07:35:39 mdb Exp $
|
||||
// $Id: UserManager.java,v 1.5 2001/05/26 04:37:35 mdb Exp $
|
||||
|
||||
package com.samskivert.servlet.user;
|
||||
|
||||
@@ -150,9 +150,14 @@ public class UserManager
|
||||
* response object. If invalid authentication information is provided
|
||||
* or some other error occurs, an exception will be thrown.
|
||||
*
|
||||
* @param username The username supplied by the user.
|
||||
* @param password The plaintext password supplied by the user.
|
||||
* @param persist If true, the cookie will expire in one month, if
|
||||
* false, the cookie will expire in 24 hours.
|
||||
*
|
||||
* @return the user object of the authenticated user.
|
||||
*/
|
||||
public User login (String username, String password,
|
||||
public User login (String username, String password, boolean persist,
|
||||
HttpServletResponse rsp)
|
||||
throws SQLException, NoSuchUserException, InvalidPasswordException
|
||||
{
|
||||
@@ -166,11 +171,15 @@ public class UserManager
|
||||
}
|
||||
|
||||
// generate a new session for this user
|
||||
String authcode = _repository.createNewSession(user);
|
||||
String authcode = _repository.createNewSession(user, persist);
|
||||
// stick it into a cookie for their browsing convenience
|
||||
Cookie acookie = new Cookie(USERAUTH_COOKIE, authcode);
|
||||
acookie.setPath("/");
|
||||
acookie.setMaxAge(24*60*60); // expire in two days
|
||||
if (persist) {
|
||||
acookie.setMaxAge(30*24*60*60); // expire in one month
|
||||
} else {
|
||||
acookie.setMaxAge(24*60*60); // expire in 24 hours
|
||||
}
|
||||
rsp.addCookie(acookie);
|
||||
|
||||
return user;
|
||||
|
||||
@@ -1,5 +1,5 @@
|
||||
//
|
||||
// $Id: UserRepository.java,v 1.7 2001/05/26 03:23:22 mdb Exp $
|
||||
// $Id: UserRepository.java,v 1.8 2001/05/26 04:37:35 mdb Exp $
|
||||
|
||||
package com.samskivert.servlet.user;
|
||||
|
||||
@@ -207,20 +207,21 @@ public class UserRepository extends MySQLRepository
|
||||
|
||||
/**
|
||||
* Creates a new session for the specified user and returns the
|
||||
* randomly generated session identifier for that session. Sessions
|
||||
* are set to expire in two days which prevents someone from being
|
||||
* screwed if they log in at 11:59pm, but also prevents them from
|
||||
* leaving their browser authenticated for too long.
|
||||
* randomly generated session identifier for that session. Temporary
|
||||
* sessions are set to expire in two days which prevents someone from
|
||||
* being screwed if they log in at 11:59pm, but also prevents them
|
||||
* from leaving their browser authenticated for too long. Persistent
|
||||
* sessions expire after one month.
|
||||
*/
|
||||
public String createNewSession (final User user)
|
||||
public String createNewSession (final User user, boolean persist)
|
||||
throws SQLException
|
||||
{
|
||||
// generate a random session identifier
|
||||
final String authcode = UserUtil.genAuthCode(user);
|
||||
|
||||
// figure out what 48 hours from now is
|
||||
// figure out when to expire the session
|
||||
Calendar cal = Calendar.getInstance();
|
||||
cal.add(Calendar.DATE, 2);
|
||||
cal.add(Calendar.DATE, persist ? 30 : 2);
|
||||
final Date expires = new Date(cal.getTime().getTime());
|
||||
|
||||
// insert the session into the database
|
||||
@@ -248,7 +249,7 @@ public class UserRepository extends MySQLRepository
|
||||
public void invoke () throws SQLException
|
||||
{
|
||||
_session.execute("delete from sessions where " +
|
||||
"expires >= CURRENT_DATE()");
|
||||
"expires <= CURRENT_DATE()");
|
||||
}
|
||||
});
|
||||
}
|
||||
|
||||
Reference in New Issue
Block a user