/** * The short representation of the session to be added to the session cookie. By default is the session id. * * @return short representation string. */ default String value() { return id(); } }
@Override public void put(Session session, Handler<AsyncResult<Void>> resultHandler) { final AbstractSession oldSession = (AbstractSession) localMap.get(session.id()); final AbstractSession newSession = (AbstractSession) session; if (oldSession != null) { // there was already some stored data in this case we need to validate versions if (oldSession.version() != newSession.version()) { resultHandler.handle(Future.failedFuture("Version mismatch")); return; } } newSession.incrementVersion(); localMap.put(session.id(), session); resultHandler.handle(Future.succeededFuture()); }
@Override public synchronized void handle(Long tid) { long now = System.currentTimeMillis(); Set<String> toRemove = new HashSet<>(); for (Session session: localMap.values()) { if (now - session.lastAccessed() > session.timeout()) { toRemove.add(session.id()); } } for (String id: toRemove) { localMap.remove(id); } if (!closed) { setTimer(); } }
@Override public void put(Session session, Handler<AsyncResult<Void>> resultHandler) { ClusterSerializable cs = (ClusterSerializable)session; Buffer buff = Buffer.buffer(); cs.writeToBuffer(buff); sessions.put(session.id(), buff); vertx.runOnContext(v -> resultHandler.handle(Future.succeededFuture())); }
private void testLoginFail(boolean badUser) throws Exception { doLoginFail(badUser, rc -> { Session sess = rc.session(); assertNotNull(sess); assertEquals(sessionCookie.get().substring(18, 54), sess.id()); assertNotNull(rc.user()); rc.response().end("Welcome to the protected resource!"); }); }
/** * @return The unique ID of the session. This is generated using a random secure UUID. */ public String id() { String ret = delegate.id(); return ret; }
/** * The short representation of the session to be added to the session cookie. By default is the session id. * * @return short representation string. */ default String value() { return id(); } }
sessionStore.delete(session.id(), res -> { if (res.failed()) { log.error("Failed to delete session", res.cause());
assertNotNull(sess); assertTrue(System.currentTimeMillis() - sess.lastAccessed() < 500); assertNotNull(sess.id()); switch (requestCount.get()) { case 0: rid.set(sess.id()); sess.put("foo", "bar"); sess.destroy(); break; case 1: assertFalse(rid.get().equals(sess.id())); // New session assertNull(sess.get("foo")); rid.set(sess.id()); sess.destroy(); break;
assertNotNull(sess); assertTrue(System.currentTimeMillis() - sess.lastAccessed() < 500); assertNotNull(sess.id()); switch (requestCount.get()) { case 0: break; case 1: assertFalse(rid.get().equals(sess.id())); // New session assertNull(sess.get("foo")); break; rid.set(sess.id()); requestCount.incrementAndGet(); rc.response().end();
Session sess = rc.session(); assertNotNull(sess); assertNotNull(sess.id()); switch (requestCount.get()) { case 0: rid.set(sess.id()); sess.put("foo", "bar"); break; case 1: assertEquals(rid.get(), sess.id()); assertEquals("bar", sess.get("foo")); sess.put("eek", "wibble"); break; case 2: assertEquals(rid.get(), sess.id()); assertEquals("bar", sess.get("foo")); assertEquals("wibble", sess.get("eek"));
@Test public void testSessionFields() throws Exception { router.route().handler(CookieHandler.create()); router.route().handler(SessionHandler.create(store)); AtomicReference<String> rid = new AtomicReference<>(); router.route().handler(rc -> { Session sess = rc.session(); assertNotNull(sess); assertTrue(System.currentTimeMillis() - sess.lastAccessed() < 500); assertNotNull(sess.id()); rid.set(sess.value()); assertFalse(sess.isDestroyed()); assertEquals(SessionHandler.DEFAULT_SESSION_TIMEOUT, sess.timeout()); rc.response().end(); }); testRequest(HttpMethod.GET, "/", null, resp -> { String setCookie = resp.headers().get("set-cookie"); assertTrue(setCookie.startsWith(SessionHandler.DEFAULT_SESSION_COOKIE_NAME + "=")); int pos = setCookie.indexOf("; Path=" + SessionHandler.DEFAULT_SESSION_COOKIE_PATH); String sessID = setCookie.substring(18, pos); assertEquals(rid.get(), sessID); }, 200, "OK", null); }
@Test public void testLogin() throws Exception { doLogin(rc -> { Session sess = rc.session(); assertNotNull(sess); assertEquals(sessionCookie.get().substring(18, 50), sess.id()); assertNotNull(rc.user()); rc.response().end("Welcome to the protected resource!"); }); // And request it again testRequest(HttpMethod.GET, "/protected/somepage", req -> req.putHeader("cookie", sessionCookie.get()), resp -> { }, 200, "OK", "Welcome to the protected resource!"); // Now logout router.route("/logout").handler(rc -> { rc.clearUser(); rc.response().end("logged out"); }); testRequest(HttpMethod.GET, "/logout", req -> req.putHeader("cookie", sessionCookie.get()), resp -> { }, 200, "OK", "logged out"); testRequest(HttpMethod.GET, "/protected/somepage", req -> req.putHeader("cookie", sessionCookie.get()), resp -> { String location = resp.headers().get("location"); assertNotNull(location); assertEquals("/loginpage", location); }, 302, "Found", null); }
@Test public void testSessionIdLength() throws Exception { router.route().handler(CookieHandler.create()); router.route().handler(SessionHandler.create(store)); router.route("/1").handler(rc -> { // previous id must match assertFalse("abc".equals(rc.session().id())); rc.response().end(); }); testRequest(HttpMethod.GET, "/1", req -> req.putHeader("cookie", "vertx-web.session=abc; Path=/"), resp -> { String setCookie = resp.headers().get("set-cookie"); assertNotNull(setCookie); }, 200, "OK", null); }
String sessID = sessionID.get(); if (sessID != null) { assertEquals(sessID, rc.session().id());
@Override public void put(Session session, Handler<AsyncResult<Void>> resultHandler) { ClusterSerializable cs = (ClusterSerializable)session; Buffer buff = Buffer.buffer(); cs.writeToBuffer(buff); sessions.put(session.id(), buff); vertx.runOnContext(v -> resultHandler.handle(Future.succeededFuture())); }
private void testLoginFail(boolean badUser) throws Exception { doLoginFail(badUser, rc -> { Session sess = rc.session(); assertNotNull(sess); assertEquals(sessionCookie.get().substring(18, 54), sess.id()); assertNotNull(rc.user()); rc.response().end("Welcome to the protected resource!"); }); }
private void createNewSession(RoutingContext context) { Session session = sessionStore.createSession(sessionTimeout, minLength); context.setSession(session); Cookie cookie = Cookie.cookie(sessionCookieName, session.id()); cookie.setPath(sessionCookiePath); cookie.setSecure(sessionCookieSecure); cookie.setHttpOnly(sessionCookieHttpOnly); // Don't set max age - it's a session cookie context.addCookie(cookie); addStoreSessionHandler(context); }