001// --------------------------------------------------------------------------------
002// Copyright 2002-2024 Echo Three, LLC
003//
004// Licensed under the Apache License, Version 2.0 (the "License");
005// you may not use this file except in compliance with the License.
006// You may obtain a copy of the License at
007//
008//     http://www.apache.org/licenses/LICENSE-2.0
009//
010// Unless required by applicable law or agreed to in writing, software
011// distributed under the License is distributed on an "AS IS" BASIS,
012// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
013// See the License for the specific language governing permissions and
014// limitations under the License.
015// --------------------------------------------------------------------------------
016
017package com.echothree.view.client.web.util;
018
019import com.echothree.control.user.authentication.common.AuthenticationUtil;
020import com.echothree.control.user.authentication.common.result.GetUserVisitResult;
021import com.echothree.model.data.user.common.pk.UserVisitPK;
022import com.echothree.view.client.web.WebConstants;
023import javax.naming.NamingException;
024import javax.servlet.http.Cookie;
025import javax.servlet.http.HttpServletRequest;
026import javax.servlet.http.HttpServletResponse;
027import org.apache.commons.logging.Log;
028import org.apache.commons.logging.LogFactory;
029
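/**
 * Singleton helper that ties an {@code HttpSession} to a back-end UserVisit and maintains the
 * long-lived user key cookie that accompanies it.
 */
public class HttpSessionUtils {

    private static final HttpSessionUtils instance = new HttpSessionUtils();

    protected HttpSessionUtils() {
        super();
    }

    /**
     * Returns the shared instance.
     *
     * @return the singleton {@code HttpSessionUtils}
     */
    public static HttpSessionUtils getInstance() {
        return instance;
    }

    protected static Log log = LogFactory.getLog(HttpSessionUtils.class);

    /** Session inactivity timeout, in seconds, applied when a new UserVisit is set up. */
    public static final int DEFAULT_MAX_INACTIVE_INTERVAL = 15 * 60; // 15 minutes

    /**
     * Finds the user key cookie in the request.
     *
     * @param request the current request
     * @return the cookie named {@code WebConstants.Cookie_USER_KEY}, or {@code null} when the
     *         request carries no such cookie
     */
    private Cookie getUserKeyCookie(final HttpServletRequest request) {
        final var cookies = request.getCookies();
        Cookie result = null;

        if(cookies != null) {
            for(var cookie : cookies) {
                // No early exit: when the name occurs more than once, the last occurrence wins.
                if(cookie.getName().equals(WebConstants.Cookie_USER_KEY)) {
                    result = cookie;
                }
            }
        }

        return result;
    }

    /**
     * Returns the UserVisit bound to the caller's session, creating the session and the UserVisit
     * when they do not exist yet.
     *
     * <p>When a UserVisit has to be created, the session timeout is set to
     * {@link #DEFAULT_MAX_INACTIVE_INTERVAL}, the user key cookie is issued or refreshed with a
     * one-year lifetime, and the new key is stored in the session together with a
     * {@code CustomBindingListener}.
     *
     * @param request the current request; its user key cookie, if present, is forwarded to the
     *        authentication service
     * @param response the response the refreshed user key cookie is added to
     * @param secureUserKey when {@code true} the cookie is marked Secure; when {@code false} it is
     *        not, so the browser will also send the year-long key over plain HTTP
     * @return the session's {@code UserVisitPK}, or {@code null} when the authentication service
     *         lookup failed with a {@code NamingException} (logged, not rethrown)
     */
    public UserVisitPK setupUserVisit(final HttpServletRequest request, final HttpServletResponse response,
            final boolean secureUserKey) {
        // Get the HttpSession, create if it doesn't exist yet.
        final var httpSession = request.getSession(true);

        // Get the existing UserVisit, create if it doesn't exist yet.
        var userVisitPK = (UserVisitPK)httpSession.getAttribute(WebConstants.Session_USER_VISIT);
        if(userVisitPK == null) {
            // Set the session timeout.
            httpSession.setMaxInactiveInterval(DEFAULT_MAX_INACTIVE_INTERVAL);

            try {
                // Look the service up once and reuse it for both the form and the call.
                final var authenticationService = AuthenticationUtil.getHome();
                final var commandForm = authenticationService.getGetUserVisitForm();
                var cookie = getUserKeyCookie(request);

                if(cookie != null) {
                    // The cookie value is client-controlled and is passed through unchanged.
                    // NOTE(review): presumably getUserVisit validates the key; confirm in the service.
                    commandForm.setUserKeyName(cookie.getValue());
                }

                final var commandResult = authenticationService.getUserVisit(commandForm);
                final var executionResult = commandResult.getExecutionResult();
                // NOTE(review): a null result would fail on the next call; confirm the command
                // always returns one.
                final var getUserVisitResult = (GetUserVisitResult)executionResult.getResult();

                var userKeyName = getUserVisitResult.getUserKeyName();
                if(cookie == null) {
                    cookie = new Cookie(WebConstants.Cookie_USER_KEY, userKeyName);
                } else {
                    cookie.setValue(userKeyName);
                }

                cookie.setPath("/");
                cookie.setMaxAge(365 * 24 * 60 * 60); // 1 Year
                // The key is a year-long identifier that only the server needs to read, so keep
                // it out of reach of page scripts.
                cookie.setHttpOnly(true);
                if(secureUserKey) {
                    cookie.setSecure(true);
                }
                // NOTE(review): no SameSite attribute is set; javax.servlet's Cookie has no setter
                // for it, so it would have to come from the container or a response header.
                response.addCookie(cookie);

                userVisitPK = getUserVisitResult.getUserVisitPK();
                httpSession.setAttribute(WebConstants.Session_USER_VISIT, userVisitPK);
                httpSession.setAttribute("bindings.listener", new CustomBindingListener(userVisitPK));

                if(log.isDebugEnabled()) {
                    log.debug("HttpSessionUtils.setupUserVisit: new UserVisit created: " + userVisitPK.getEntityRef());
                }
            } catch (NamingException ne) {
                // Best effort: the caller receives null and no cookie is issued.
                log.error("HttpSessionUtils.setupUserVisit encountered an Exception", ne);
            }
        }

        return userVisitPK;
    }

}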