Support servlet session store in native servlets (i.e. Pedestal apps)

immutant · Oct 8, 2013 · 67ec5a8 · 67ec5a8
1 parent fc063cb
commit 67ec5a8
Show file tree

Hide file tree

Showing 2 changed files with 20 additions and 9 deletions.
diff --git a/modules/web/src/main/clojure/immutant/web/servlet.clj b/modules/web/src/main/clojure/immutant/web/servlet.clj
@@ -53,7 +53,9 @@
   (init [_ config]
     (with-tccl (.init servlet config)))
   (service [_ request response]
-    (with-tccl (.service servlet request response)))
+    (with-tccl
+      (binding [current-servlet-request request]
+        (.service servlet request response))))
   (destroy [_]
     (.destroy servlet))
   (getServletConfig [_]

diff --git a/modules/web/src/main/clojure/immutant/web/session/internal.clj b/modules/web/src/main/clojure/immutant/web/session/internal.clj
@@ -32,18 +32,27 @@
                     \=
                     (cookie-encoder (.getId session)))))
 
+(defn ^:internal servlet-cookie-dedup-handler
+  "Remove duplicate cookies from a response object.  Use this
+   in an interceptor before the session interceptor running
+   inside the ServletProxy, e.g.
+   (defon-response dedup-session-cookies [response]
+     (session-internal/servlet-cookie-dedup-handler response)"
+  [response]
+  (let [session (.getSession current-servlet-request false)]
+    (if (and session (session/using-servlet-session? session))
+      (update-in response [:headers "Set-Cookie"]
+                 #(remove
+                   (partial cookie-matches-servlet-session-cookie? session)
+                   %))
+      response)))
+
 (defn ^:internal servlet-session-wrapper
   "Middleware that attempts to prevent duplicate cookies when the
   servlet session is being used. If the servlet session is active and
   the response includes a cookie with the same name and id, it is
   stripped."
   [handler]
   (fn [request]
-    (let [response (handler request)
-          session (.getSession current-servlet-request false)]
-      (if (and session (session/using-servlet-session? session))
-        (update-in response [:headers "Set-Cookie"]
-                   #(remove
-                     (partial cookie-matches-servlet-session-cookie? session)
-                     %))
-        response))))
+    (let [response (handler request)]
+      (servlet-cookie-dedup-handler response))))