Permalink
Browse files

sessions - Introduced new SessionInvalider component providing an ext…

…ension point to custom behaviours during logout
  • Loading branch information...
fcamblor committed Aug 21, 2017
1 parent 2c0fbbd commit 316c3f44c635d4a0fb06e9d37c7953e69d7b9503
@@ -0,0 +1,16 @@
package restx.security;
import restx.factory.Component;
@Component
public class SessionInvalider {
public SessionInvalider() {
}
public void invalidateSession(){
// Clearing principal
RestxSession.current().clearPrincipal();
RestxSession.current().define(String.class, Session.SESSION_DEF_KEY, null);
}
}
@@ -19,10 +19,12 @@
private final BasicPrincipalAuthenticator authenticator;
private final UUIDGenerator uuidGenerator;
private SessionInvalider sessionInvalider;
public SessionResource(BasicPrincipalAuthenticator authenticator, UUIDGenerator uuidGenerator) {
public SessionResource(BasicPrincipalAuthenticator authenticator, UUIDGenerator uuidGenerator, SessionInvalider sessionInvalider) {
this.authenticator = authenticator;
this.uuidGenerator = uuidGenerator;
this.sessionInvalider = sessionInvalider;
}
@@ -69,8 +71,7 @@ public Session currentSession() {
@PermitAll
@DELETE("/sessions/{sessionKey}")
public Status logout(String sessionKey) {
RestxSession.current().clearPrincipal();
RestxSession.current().define(String.class, Session.SESSION_DEF_KEY, null);
sessionInvalider.invalidateSession();
return Status.of("logout");
}
}

0 comments on commit 316c3f4

Please sign in to comment.