@Override public void start() throws Exception { Router router = Router.router(vertx); router.route().handler(CookieHandler.create()); router.route().handler(SessionHandler.create(LocalSessionStore.create(vertx))); router.route().handler(routingContext -> { Session session = routingContext.session(); Integer cnt = session.get("hitcount"); cnt = (cnt == null ? 0 : cnt) + 1; session.put("hitcount", cnt); routingContext.response().putHeader("content-type", "text/html") .end("<html><body><h1>Hitcount: " + cnt + "</h1></body></html>"); }); vertx.createHttpServer().requestHandler(router).listen(8080); } }
@Override public Session session() { return decoratedContext.session(); }
@Override public Session session() { return inner.session(); }
@Override public void parseCredentials(RoutingContext context, Handler<AsyncResult<JsonObject>> handler) { Session session = context.session(); if (session != null) { // Now redirect to the login url - we'll get redirected back here after successful login session.put(returnURLParam, context.request().uri()); handler.handle(Future.failedFuture(new HttpStatusException(302, loginRedirectURL))); } else { handler.handle(Future.failedFuture("No session - did you forget to include a SessionHandler?")); } } }
@Override protected String authenticateHeader(RoutingContext context) { final byte[] bytes = new byte[32]; random.nextBytes(bytes); // generate nonce String nonce = md5(bytes); // save it nonces.put(nonce, new Nonce()); // generate opaque String opaque = null; final Session session = context.session(); if (session != null) { opaque = (String) session.data().get("opaque"); } if (opaque == null) { random.nextBytes(bytes); // generate random opaque opaque = md5(bytes); } return "Digest realm=\"" + realm + "\", qop=\"auth\", nonce=\"" + nonce + "\", opaque=\"" + opaque + "\""; }
SockJSSession(Vertx vertx, LocalMap<String, SockJSSession> sessions, RoutingContext rc, String id, long timeout, long heartbeatInterval, Handler<SockJSSocket> sockHandler) { super(vertx, rc.session(), rc.user()); this.sessions = sessions; this.id = id; this.timeout = timeout; this.sockHandler = sockHandler; context = vertx.getOrCreateContext(); pendingReads = new InboundBuffer<>(context); // Start a heartbeat heartbeatID = vertx.setPeriodic(heartbeatInterval, tid -> { if (listener != null) { listener.sendFrame("h"); } }); }
RawWebSocketTransport(Vertx vertx, Router router, Handler<SockJSSocket> sockHandler) { String wsRE = "/websocket"; router.get(wsRE).handler(rc -> { ServerWebSocket ws = rc.request().upgrade(); SockJSSocket sock = new RawWSSockJSSocket(vertx, rc.session(), rc.user(), ws); sockHandler.handle(sock); }); router.get(wsRE).handler(rc -> rc.response().setStatusCode(400).end("Can \"Upgrade\" only to \"WebSocket\".")); router.get(wsRE).handler(rc -> rc.response().putHeader("Allow", "GET").setStatusCode(405).end()); }
private void testLoginFail(boolean badUser) throws Exception { doLoginFail(badUser, rc -> { Session sess = rc.session(); assertNotNull(sess); assertEquals(sessionCookie.get().substring(18, 54), sess.id()); assertNotNull(rc.user()); rc.response().end("Welcome to the protected resource!"); }); }
@Test public void testIssue172_setnull() throws Exception { router.route().handler(CookieHandler.create()); router.route().handler(SessionHandler.create(store)); AtomicReference<Session> rid = new AtomicReference<>(); router.route().handler(rc -> { rid.set(rc.session()); rc.session().put("foo", null); vertx.setTimer(1000, tid -> rc.response().end()); }); testRequest(HttpMethod.GET, "/", 200, "OK"); }
rid.set(rc.session()); rc.session().put("foo", "foo_value"); rc.response().end(); }); router.get("/1").handler(rc -> { rid.set(rc.session()); assertEquals("foo_value", rc.session().get("foo")); rc.session().destroy(); rc.response().end(); }); router.get("/2").handler(rc -> { rid.set(rc.session()); assertEquals(null, rc.session().<String>get("foo")); rc.response().end(); });
@Test public void testLastAccessed2() throws Exception { router.route().handler(CookieHandler.create()); router.route().handler(SessionHandler.create(store)); AtomicReference<Session> rid = new AtomicReference<>(); router.route().handler(rc -> { rid.set(rc.session()); rc.session().put("foo", "bar"); vertx.setTimer(1000, tid -> rc.response().end()); }); testRequest(HttpMethod.GET, "/", 200, "OK"); // accessed() is called after request too assertTrue(rid.get().lastAccessed() - System.currentTimeMillis() < 500); }
@Test public void testLastAccessed1() throws Exception { router.route().handler(CookieHandler.create()); router.route().handler(SessionHandler.create(store)); AtomicReference<Session> rid = new AtomicReference<>(); long start = System.currentTimeMillis(); router.route().handler(rc -> { rid.set(rc.session()); rc.response().end(); }); testRequest(HttpMethod.GET, "/", 200, "OK"); assertTrue(rid.get().lastAccessed() - start < 500); start = System.currentTimeMillis(); Thread.sleep(1000); testRequest(HttpMethod.GET, "/", 200, "OK"); assertTrue(rid.get().lastAccessed() - start >= 1000); }
@Override public void handle(RoutingContext routingContext) { Session session = routingContext.session(); if (session != null) { User user = null;
AtomicInteger requestCount = new AtomicInteger(); router.route().handler(rc -> { Session sess = rc.session(); assertNotNull(sess); assertTrue(System.currentTimeMillis() - sess.lastAccessed() < 500);
@Test public void testSessionFields() throws Exception { router.route().handler(CookieHandler.create()); router.route().handler(SessionHandler.create(store)); AtomicReference<String> rid = new AtomicReference<>(); router.route().handler(rc -> { Session sess = rc.session(); assertNotNull(sess); assertTrue(System.currentTimeMillis() - sess.lastAccessed() < 500); assertNotNull(sess.id()); rid.set(sess.value()); assertFalse(sess.isDestroyed()); assertEquals(SessionHandler.DEFAULT_SESSION_TIMEOUT, sess.timeout()); rc.response().end(); }); testRequest(HttpMethod.GET, "/", null, resp -> { String setCookie = resp.headers().get("set-cookie"); assertTrue(setCookie.startsWith(SessionHandler.DEFAULT_SESSION_COOKIE_NAME + "=")); int pos = setCookie.indexOf("; Path=" + SessionHandler.DEFAULT_SESSION_COOKIE_PATH); String sessID = setCookie.substring(18, pos); assertEquals(rid.get(), sessID); }, 200, "OK", null); }
@Test public void testLogin() throws Exception { doLogin(rc -> { Session sess = rc.session(); assertNotNull(sess); assertEquals(sessionCookie.get().substring(18, 50), sess.id()); assertNotNull(rc.user()); rc.response().end("Welcome to the protected resource!"); }); // And request it again testRequest(HttpMethod.GET, "/protected/somepage", req -> req.putHeader("cookie", sessionCookie.get()), resp -> { }, 200, "OK", "Welcome to the protected resource!"); // Now logout router.route("/logout").handler(rc -> { rc.clearUser(); rc.response().end("logged out"); }); testRequest(HttpMethod.GET, "/logout", req -> req.putHeader("cookie", sessionCookie.get()), resp -> { }, 200, "OK", "logged out"); testRequest(HttpMethod.GET, "/protected/somepage", req -> req.putHeader("cookie", sessionCookie.get()), resp -> { String location = resp.headers().get("location"); assertNotNull(location); assertEquals("/loginpage", location); }, 302, "Found", null); }
AtomicInteger requestCount = new AtomicInteger(); router.route().handler(rc -> { Session sess = rc.session(); assertNotNull(sess); assertNotNull(sess.id());
@Test public void testSessionIdLength() throws Exception { router.route().handler(CookieHandler.create()); router.route().handler(SessionHandler.create(store)); router.route("/1").handler(rc -> { // previous id must match assertFalse("abc".equals(rc.session().id())); rc.response().end(); }); testRequest(HttpMethod.GET, "/1", req -> req.putHeader("cookie", "vertx-web.session=abc; Path=/"), resp -> { String setCookie = resp.headers().get("set-cookie"); assertNotNull(setCookie); }, 200, "OK", null); }