Skip to content

Latest commit

 

History

History
231 lines (174 loc) · 6.09 KB

README.md

File metadata and controls

231 lines (174 loc) · 6.09 KB
Raw

Sync Session

Overview

SyncSession is an architecture designed for distributed systems. Session data is stored in RDBS. It sends events to synchronize session status in all services.

Regularly update lastAccessTime to reduce the load of RDBS and improve concurrent processing capabilities

Requirement

  • Spring Boot 3+
  • Java 17+
  • Database (support MySQL and H2)

QuickStart

  1. Config

    @EnableSyncSession
public class SessionConfig {

}

    Distributed System

    If your infrastructure is a distributed system. You must implement SyncSessionEventService

    /**
* Cases of using redis.
*/
@Service
public class SyncSessionEventServiceImpl extends SyncSessionEventService implements InitializingBean {
    @Autowired
    private StringRedisTemplate stringRedisTemplate;

    @Autowired
    private RedisMessageListenerContainer listenerContainer;

    @Autowired
    private DefaultClientResources defaultClientResources;

    private final String topic = "session";

    @Override
    public void afterPropertiesSet() {
        defaultClientResources.eventBus().get().subscribe((event) -> {
            if (event instanceof ConnectedEvent) {
                publishConnectedEvent();
            }
        });
    }

    @Override
    public void send(String body) {
        stringRedisTemplate.convertAndSend(body);
    }

    @Override
    public void addListener(Consumer<String> listener) {
        listenerContainer.addMessageListener((message, pattern) -> {
            listener.accept(new String(message.getBody()));
        }, new PatternTopic(topic));
    }
}

  2. Use

    • Session operation

      RequestCacheHolder can be used anywhere.

      public class CustomFilter implements Filter {

    @Override
    public void doFilter(ServletRequest req, ServletResponse res, FilterChain chain) throws IOException, ServletException {
        RequestCache<SyncSession> requestCache = RequestCacheHolder.get();
        // get session
        SyncSession syncSession = requestCache.getSession();
        // auto create session
        SyncSession syncSession = requestCache.getSession(true);
        // invalidate session
        syncSession.invalidate();
    }
}

    • Filter

      public class CustomFilter implements Filter {

    @Override
    public void doFilter(ServletRequest req, ServletResponse res, FilterChain chain) throws IOException, ServletException {
        RequestCache<CustomSession> requestCache = RequestCacheHolder.get(CustomSession.class);
        // get session
        SyncSession syncSession = requestCache.getSession();
        syncSession.setCsrfToken("{token}");
    }
}

Advanced

Session properties

sync-session:
  cookie-name: SSESSIONID
  timeout: 30m

Session invalidate listener

Under the distributed service architecture, the session will be invalidated by any service, so through InvalidateBy, it is recognized whether the current service is invalidated or the notification from another service.

  • InvalidateBy

    • SELF: Indicates that the session is invalidated by the current service.

    • NOTICE: Indicates that the session is invalidated by another service.

@EnableSyncSession
public class SessionConfig implements InitializingBean {
    @Autowired
    private SyncSessionService<?> syncSessionServie;

    @Override
    public void afterPropertiesSet() throws Exception {
        syncSessionServie.addInvalidateListeners((id, name, type) -> {
            log.info("{} {} {}", id, name, type);
        });
    }
}

Set custom attribute

  1. Create Custom Session

    public class UserSession extends SyncSession {
    private String csrfToken;

    public String getCsrfToken() {
        return csrfToken;
    }

    public void setCsrfToken(String csrfToken) {
        this.csrfToken = csrfToken;
        // The mask data has changed
        this.save();
    }
}

  2. Extends SyncSessionServiceImpl

    public class CustomSessionService extends SyncSessionServiceImpl<CustomSession> {
    public UserSessionService(
        SyncSessionProperties properties
        , DataSource dataSource
        , @Nullable SyncSessionEventService sessionEventService
    ) {
        super(properties, dataSource, sessionEventService);
    }
}

Invalidate by username

Sometime need to invalidate all sessions by username.

public class UserSession {
    @Autowired
    private SyncSessionService syncSessionService;

    public void kick(String username) {
        syncSessionService.invalidateByUsername(username);
    }

    public void kickOther(String username) {
        String[] excludeSessionIds = {"...."};
        syncSessionService.invalidateByUsername(username, excludeSessionIds);
    }
}

Manage other system sessions

Manage other system sessions by central management system.

  1. Create SyncSessionOperatorService

    @Configuration
public class OtherSessionConfig {

    @Bean
    @Autowired
    public SyncSessionOperatorService<SyncSession> otherSyncSessionOperatorService(
           DataSource dataSource // other session storage
            , SyncSessionEventService sessionEventService
    ) {
        return new SyncSessionOperatorService<>(new SyncSessionProperties(), dataSource, sessionEventService);
    }
}

  2. Use SyncSessionOperatorService

    public class OtherUserService{
     @Autowired
     private SyncSessionOperatorService<SyncSession> otherSyncSessionOperatorService;

     public void kick(String username){
         otherSyncSessionOperatorService.invalidateByUsername(username);
     }
}