sessions - Introduced new SessionInvalider component providing an extension point to custom behaviours during logout

fcamblor · fcamblor · commit 316c3f44c635 · 2017-08-21T21:44:22.000+02:00
diff --git a/restx-security-basic/src/main/java/restx/security/SessionInvalider.java b/restx-security-basic/src/main/java/restx/security/SessionInvalider.java
@@ -0,0 +1,16 @@
+package restx.security;
+
+import restx.factory.Component;
+
+@Component
+public class SessionInvalider {
+
+    public SessionInvalider() {
+    }
+
+    public void invalidateSession(){
+        // Clearing principal
+        RestxSession.current().clearPrincipal();
+        RestxSession.current().define(String.class, Session.SESSION_DEF_KEY, null);
+    }
+}
diff --git a/restx-security-basic/src/main/java/restx/security/SessionResource.java b/restx-security-basic/src/main/java/restx/security/SessionResource.java
@@ -19,10 +19,12 @@ public class SessionResource {
 
     private final BasicPrincipalAuthenticator authenticator;
     private final UUIDGenerator uuidGenerator;
+    private SessionInvalider sessionInvalider;
 
-    public SessionResource(BasicPrincipalAuthenticator authenticator, UUIDGenerator uuidGenerator) {
+    public SessionResource(BasicPrincipalAuthenticator authenticator, UUIDGenerator uuidGenerator, SessionInvalider sessionInvalider) {
         this.authenticator = authenticator;
         this.uuidGenerator = uuidGenerator;
+        this.sessionInvalider = sessionInvalider;
     }
 
 
@@ -69,8 +71,7 @@ public Session currentSession() {
     @PermitAll
     @DELETE("/sessions/{sessionKey}")
     public Status logout(String sessionKey) {
-        RestxSession.current().clearPrincipal();
-        RestxSession.current().define(String.class, Session.SESSION_DEF_KEY, null);
+        sessionInvalider.invalidateSession();
         return Status.of("logout");
     }
 }

Original file line number	Diff line number	Diff line change
`@@ -19,10 +19,12 @@ public class SessionResource {`
`19`	`19`
`20`	`20`	`private final BasicPrincipalAuthenticator authenticator;`
`21`	`21`	`private final UUIDGenerator uuidGenerator;`
	`22`	`+ private SessionInvalider sessionInvalider;`
`22`	`23`
`23`		`- public SessionResource(BasicPrincipalAuthenticator authenticator, UUIDGenerator uuidGenerator) {`
	`24`	`+ public SessionResource(BasicPrincipalAuthenticator authenticator, UUIDGenerator uuidGenerator, SessionInvalider sessionInvalider) {`
`24`	`25`	`this.authenticator = authenticator;`
`25`	`26`	`this.uuidGenerator = uuidGenerator;`
	`27`	`+ this.sessionInvalider = sessionInvalider;`
`26`	`28`	`}`
`27`	`29`
`28`	`30`
`@@ -69,8 +71,7 @@ public Session currentSession() {`
`69`	`71`	`@PermitAll`
`70`	`72`	`@DELETE("/sessions/{sessionKey}")`
`71`	`73`	`public Status logout(String sessionKey) {`
`72`		`- RestxSession.current().clearPrincipal();`
`73`		`- RestxSession.current().define(String.class, Session.SESSION_DEF_KEY, null);`
	`74`	`+ sessionInvalider.invalidateSession();`
`74`	`75`	`return Status.of("logout");`
`75`	`76`	`}`
`76`	`77`	`}`