Skip to content

Commit

Permalink
Browse files Browse the repository at this point in the history
sessions - Introduced new SessionInvalider component providing an ext…
…ension point to custom behaviours during logout
  • Loading branch information
fcamblor committed Aug 21, 2017
1 parent 2c0fbbd commit 316c3f4
Show file tree
Hide file tree
Showing 2 changed files with 20 additions and 3 deletions.
@@ -0,0 +1,16 @@
package restx.security;

import restx.factory.Component;

@Component
public class SessionInvalider {

public SessionInvalider() {
}

public void invalidateSession(){
// Clearing principal
RestxSession.current().clearPrincipal();
RestxSession.current().define(String.class, Session.SESSION_DEF_KEY, null);
}
}
Expand Up @@ -19,10 +19,12 @@ public class SessionResource {

private final BasicPrincipalAuthenticator authenticator;
private final UUIDGenerator uuidGenerator;
private SessionInvalider sessionInvalider;

public SessionResource(BasicPrincipalAuthenticator authenticator, UUIDGenerator uuidGenerator) {
public SessionResource(BasicPrincipalAuthenticator authenticator, UUIDGenerator uuidGenerator, SessionInvalider sessionInvalider) {
this.authenticator = authenticator;
this.uuidGenerator = uuidGenerator;
this.sessionInvalider = sessionInvalider;
}


Expand Down Expand Up @@ -69,8 +71,7 @@ public Session currentSession() {
@PermitAll
@DELETE("/sessions/{sessionKey}")
public Status logout(String sessionKey) {
RestxSession.current().clearPrincipal();
RestxSession.current().define(String.class, Session.SESSION_DEF_KEY, null);
sessionInvalider.invalidateSession();
return Status.of("logout");
}
}

0 comments on commit 316c3f4

Please sign in to comment.