Update AnonymusSessionStatusController.java

2025-04-19 11:11:18 +00:00 · 2025-03-27 13:14:28 +01:00 · 2025-03-27 13:14:28 +01:00 · 27db4d6de2
commit 27db4d6de2
parent cb725ccf8c
1 changed files with 22 additions and 34 deletions
--- a/src/main/java/stirling/software/SPDF/config/anonymus/session/AnonymusSessionStatusController.java
+++ b/src/main/java/stirling/software/SPDF/config/anonymus/session/AnonymusSessionStatusController.java
@ -1,29 +1,20 @@
 package stirling.software.SPDF.config.anonymus.session;

-import java.util.ArrayList;
-import java.util.Collection;
-import java.util.Date;
-
 import org.springframework.beans.factory.annotation.Autowired;
 import org.springframework.http.HttpStatus;
 import org.springframework.http.ResponseEntity;
 import org.springframework.web.bind.annotation.GetMapping;
+import org.springframework.web.bind.annotation.PathVariable;
 import org.springframework.web.bind.annotation.RestController;

 import jakarta.servlet.http.HttpServletRequest;
 import jakarta.servlet.http.HttpSession;
-
 import lombok.extern.slf4j.Slf4j;

-import stirling.software.SPDF.config.interfaces.SessionsInterface;
-
@RestController
-@Slf4j
 public class AnonymusSessionStatusController {

    @Autowired private AnonymusSessionRegistry sessionRegistry;
-    @Autowired private SessionsInterface sessionsInterface;
-    private static final int MAX_SESSIONS = 1;

    @GetMapping("/session/status")
    public ResponseEntity<String> getSessionStatus(HttpServletRequest request) {
@ -32,39 +23,32 @@ public class AnonymusSessionStatusController {
            return ResponseEntity.status(HttpStatus.UNAUTHORIZED).body("No session found");
        }

-        Collection<AnonymusSessionInfo> allNonExpiredSessions =
-                new ArrayList<>(sessionRegistry.getAllNonExpiredSessions());
-        if (allNonExpiredSessions.isEmpty()) {
-            allNonExpiredSessions.add(
-                    new AnonymusSessionInfo(session, new Date(), new Date(), false));
-        }
+        boolean isActivSesssion =
+                sessionRegistry.getAllSessions().stream()
+                        .filter(s -> s.getSessionId().equals(session.getId()))
+                        .anyMatch(s -> !s.isExpired());

-        // wenn session expire ist dann UNAUTHORIZED
-        if (allNonExpiredSessions.stream()
-                .anyMatch(s -> s.getSession().getId().equals(session.getId()) && s.isExpired())) {
-            return ResponseEntity.status(HttpStatus.UNAUTHORIZED).body("Session expired");
-        }
+        long sessionCount =
+                sessionRegistry.getAllSessions().stream().filter(s -> !s.isExpired()).count();

-        // wenn nicht in der Liste dann UNAUTHORIZED
-        if (allNonExpiredSessions.stream()
-                .noneMatch(s -> s.getSession().getId().equals(session.getId()))) {
-            return ResponseEntity.status(HttpStatus.UNAUTHORIZED).body("No session found");
-        }
+        long userSessions = sessionCount;
+        int maxUserSessions = sessionRegistry.getMaxUserSessions();

-        if (allNonExpiredSessions.size() > MAX_SESSIONS
-                && sessionsInterface.isSessionValid(session.getId())
-                && sessionsInterface.isOldestNonExpiredSession(session.getId())) {
+        if (userSessions >= maxUserSessions && !isActivSesssion) {
            return ResponseEntity.status(HttpStatus.UNAUTHORIZED)
                    .body("Session ungültig oder abgelaufen");
+        } else if (session.getId() != null && isActivSesssion) {
+            return ResponseEntity.ok("Session gültig: " + session.getId());
+        } else {
+            return ResponseEntity.ok("User has " + userSessions + " sessions");
        }
-        return ResponseEntity.ok("Session gültig: " + session.getId());
    }

    @GetMapping("/session/expire")
    public ResponseEntity<String> expireSession(HttpServletRequest request) {
        HttpSession session = request.getSession(false);
        if (session != null) {
-            session.invalidate();
+            sessionRegistry.expireSession(session.getId());
            return ResponseEntity.ok("Session invalidated");
        } else {
            return ResponseEntity.ok("No session to invalidate");
@ -73,9 +57,13 @@ public class AnonymusSessionStatusController {

    @GetMapping("/session/expire/all")
    public ResponseEntity<String> expireAllSessions() {
-        sessionRegistry
-                .getAllNonExpiredSessions()
-                .forEach(sessionInfo -> sessionInfo.getSession().invalidate());
+        sessionRegistry.expireAllSessions();
        return ResponseEntity.ok("All sessions invalidated");
    }
+
+    @GetMapping("/session/expire/{username}")
+    public ResponseEntity<String> expireAllSessionsByUsername(@PathVariable String username) {
+        sessionRegistry.expireAllSessionsByUsername(username);
+        return ResponseEntity.ok("All sessions invalidated for user: " + username);
+    }
 }