Skip to content

Commit

Permalink
Browse files Browse the repository at this point in the history
[breaking] sessions - Clearing restx principal cache when logging out…
…, thus allowing to refresh principal roles on his next authentication.

This fixes #260
  • Loading branch information
fcamblor committed Aug 21, 2017
1 parent 316c3f4 commit 46f8b58
Showing 1 changed file with 11 additions and 1 deletion.
@@ -1,14 +1,24 @@
package restx.security;

import com.google.common.base.Optional;
import restx.factory.Component;

@Component
public class SessionInvalider {

public SessionInvalider() {
private RestxSession.Definition restxSessionDefinition;

public SessionInvalider(RestxSession.Definition restxSessionDefinition) {
this.restxSessionDefinition = restxSessionDefinition;
}

public void invalidateSession(){
// Invalidating principal cache (on next login, principal roles will be refreshed)
Optional<? extends RestxPrincipal> principal = RestxSession.current().getPrincipal();
if (principal.isPresent()) {
restxSessionDefinition.getEntry(RestxPrincipal.SESSION_DEF_KEY).get().invalidateCacheFor(principal.get().getName());
}

// Clearing principal
RestxSession.current().clearPrincipal();
RestxSession.current().define(String.class, Session.SESSION_DEF_KEY, null);
Expand Down

0 comments on commit 46f8b58

Please sign in to comment.