sessions - Introduced new SessionInvalider component providing an ext…

…ension point to custom behaviours during logout

restx-security-basic/src/main/java/restx/security/SessionInvalider.java

@@ -0,0 +1,16 @@
+package restx.security;
+
+import restx.factory.Component;
+
+@Component
+public class SessionInvalider {
+
+    public SessionInvalider() {
+    }
+
+    public void invalidateSession(){
+        // Clearing principal
+        RestxSession.current().clearPrincipal();
+        RestxSession.current().define(String.class, Session.SESSION_DEF_KEY, null);
+    }
+}

restx-security-basic/src/main/java/restx/security/SessionResource.java

@@ -19,10 +19,12 @@
 
     private final BasicPrincipalAuthenticator authenticator;
     private final UUIDGenerator uuidGenerator;
+    private SessionInvalider sessionInvalider;
 
-    public SessionResource(BasicPrincipalAuthenticator authenticator, UUIDGenerator uuidGenerator) {
+    public SessionResource(BasicPrincipalAuthenticator authenticator, UUIDGenerator uuidGenerator, SessionInvalider sessionInvalider) {
         this.authenticator = authenticator;
         this.uuidGenerator = uuidGenerator;
+        this.sessionInvalider = sessionInvalider;
     }
 
 
@@ -69,8 +71,7 @@ public Session currentSession() {
     @PermitAll
     @DELETE("/sessions/{sessionKey}")
     public Status logout(String sessionKey) {
-        RestxSession.current().clearPrincipal();
-        RestxSession.current().define(String.class, Session.SESSION_DEF_KEY, null);
+        sessionInvalider.invalidateSession();
         return Status.of("logout");
     }
 }