From 1c33c39c57b6c323dd32228acc6b3a8dda7b3a46 Mon Sep 17 00:00:00 2001
From: Ludy87 <Ludy87@users.noreply.github.com>
Date: Tue, 25 Mar 2025 12:44:28 +0100
Subject: [PATCH] Skip anonymousUser if login is enabled

---
 .../config/security/session/SessionScheduled.java    | 12 +++++++++---
 1 file changed, 9 insertions(+), 3 deletions(-)

diff --git a/src/main/java/stirling/software/SPDF/config/security/session/SessionScheduled.java b/src/main/java/stirling/software/SPDF/config/security/session/SessionScheduled.java
index e6d52421..5fe82f09 100644
--- a/src/main/java/stirling/software/SPDF/config/security/session/SessionScheduled.java
+++ b/src/main/java/stirling/software/SPDF/config/security/session/SessionScheduled.java
@@ -5,6 +5,7 @@ import java.time.temporal.ChronoUnit;
 import java.util.Date;
 import java.util.List;
 
+import org.springframework.beans.factory.annotation.Qualifier;
 import org.springframework.scheduling.annotation.Scheduled;
 import org.springframework.security.core.Authentication;
 import org.springframework.security.core.context.SecurityContextHolder;
@@ -18,12 +19,16 @@ import lombok.extern.slf4j.Slf4j;
 public class SessionScheduled {
 
     private final SessionPersistentRegistry sessionPersistentRegistry;
+    private final boolean loginEnabledValue;
 
-    public SessionScheduled(SessionPersistentRegistry sessionPersistentRegistry) {
+    public SessionScheduled(
+            SessionPersistentRegistry sessionPersistentRegistry,
+            @Qualifier("loginEnabled") boolean loginEnabledValue) {
         this.sessionPersistentRegistry = sessionPersistentRegistry;
+        this.loginEnabledValue = loginEnabledValue;
     }
 
-    @Scheduled(cron = "0 0/1 * * * ?") // TODO: Change to 5m
+    @Scheduled(cron = "0 0/1 * * * ?")
     public void expireSessions() {
         Instant now = Instant.now();
         Authentication authentication = SecurityContextHolder.getContext().getAuthentication();
@@ -31,7 +36,8 @@ public class SessionScheduled {
             if (principal == null) {
                 continue;
             } else if (principal instanceof String stringPrincipal) {
-                if ("anonymousUser".equals(stringPrincipal)) {
+                // Skip anonymousUser if login is enabled
+                if ("anonymousUser".equals(stringPrincipal) && loginEnabledValue) {
                     continue;
                 }
             }