source: trunk/grails-app/services/dbnp/authentication/AuthenticationService.groovy @ 1783

Last change on this file since 1783 was 1783, checked in by robert@…, 12 years ago

Extended the time a user is logged in, in order to facilitate huge datasets.

  • Property svn:keywords set to Rev Author Date
1/**
2 * AuthenticationService
3 *
4 * Is used for keeping track of the logged in user
5 *
6 * @author      robert@isdat.nl (Robert Horlings)
7 * @since       20101021
8 * @package     dbnp.authentication
9 *
10 * Revision information:
11 * $Rev: 1783 $
12 * $Author: robert@isdat.nl $
13 * $Date: 2011-04-20 14:31:27 +0000 (wo, 20 apr 2011) $
14 */
15package dbnp.authentication
16
17import org.codehaus.groovy.grails.plugins.springsecurity.GrailsUser
18
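/**
 * Tracks the logged in user for two kinds of session: the local Spring Security
 * session, and "remote" sessions identified by a (consumer, token) pair. Remote
 * sessions are persisted as SessionAuthenticatedUser rows with an expiry date.
 *
 * NOTE(review): a remote session is extended by a full expiryTime on every
 * successful isRemotelyLoggedIn() check and has no absolute maximum lifetime, so
 * a token that keeps being presented never expires. Confirm this is intended
 * with the 12-hour window, or add a hard cap.
 * NOTE(review): the token is stored and matched exactly as the caller supplies
 * it; how it is generated is not visible in this class. If it acts as a bearer
 * secret, confirm it is unpredictable and consider persisting only a digest.
 */
class AuthenticationService {
    // Looked up by name; presumably injected by Grails from the Spring Security plugin.
    def springSecurityService

    // Number of minutes a remotely logged in user remains active after the last check.
    static final int expiryTime = 12 * 60

    static transactional = true

    /**
     * Tells whether the current local session belongs to a logged in user.
     *
     * @return whatever springSecurityService.isLoggedIn() reports
     */
    public boolean isLoggedIn() {
        return springSecurityService.isLoggedIn()
    }

    /**
     * Returns the SecUser behind the current local session.
     *
     * @return the user found by username, or null when nobody is logged in
     */
    public SecUser getLoggedInUser() {
        def principal = springSecurityService.getPrincipal()

        // A logged in user has a GrailsUser principal. An anonymous visitor has
        // the 'anonymous username' instead, i.e. a plain string.
        if (principal instanceof GrailsUser) {
            return SecUser.findByUsername(principal.username)
        }

        return null
    }

    /**
     * Logs a user in for a remote session.
     *
     * @param consumer identifier of the remote consumer
     * @param token    token that identifies the session for that consumer
     * @param user     the user the session belongs to
     * @return true if the session was stored; false if an argument is missing
     *         or the record could not be saved
     */
    public boolean logInRemotely(String consumer, String token, SecUser user) {
        // Fail closed: never persist a session that an empty consumer/token pair
        // could match, or one that has no user attached.
        if (!consumer || !token || user == null) {
            return false
        }

        // Remove expired sessions, otherwise they are kept in the database forever
        removeExpiredTokens()

        // Make sure no earlier session for this consumer/token pair is still active
        logOffRemotely(consumer, token)

        def remoteSession = new SessionAuthenticatedUser(consumer: consumer, token: token, secUser: user, expiryDate: createExpiryDate())

        // save() yields null when the record cannot be stored
        return remoteSession.save(flush: true) != null
    }

    /**
     * Ends the remote session for the given consumer and token, if one is active.
     * Sessions that have already expired are not matched here; they are cleaned
     * up by removeExpiredTokens().
     *
     * @return always true
     */
    public boolean logOffRemotely(String consumer, String token) {
        def remoteSession = getSessionAuthenticatedUser(consumer, token)

        if (remoteSession) {
            // Re-read the row before deleting it
            remoteSession.refresh()
            remoteSession.delete()
        }

        return true
    }

    /**
     * Checks whether a user is logged in from a remote consumer with the
     * given token. A successful check also resets the session's expiry date.
     *
     * @return true if an unexpired session exists for the pair, false otherwise
     */
    public boolean isRemotelyLoggedIn(String consumer, String token) {
        def remoteSession = getSessionAuthenticatedUser(consumer, token)

        // The session object itself is deliberately not exposed; callers only
        // get true or false.
        if (!remoteSession) {
            return false
        }

        // Sliding expiry: every successful check starts a fresh expiryTime window
        updateExpiryDate(remoteSession)
        return true
    }

    /**
     * Returns the user that is logged in remotely. Unlike isRemotelyLoggedIn(),
     * this lookup does not reset the expiry date.
     *
     * @return the session's SecUser, or null if no unexpired session exists
     */
    public SecUser getRemotelyLoggedInUser(String consumer, String token) {
        return getSessionAuthenticatedUser(consumer, token)?.secUser
    }

    /**
     * Removes all tokens for remote logins that have expired.
     *
     * @return true if at least one expired session was deleted, false otherwise
     */
    protected boolean removeExpiredTokens() {
        def deleted = SessionAuthenticatedUser.executeUpdate("delete SessionAuthenticatedUser u where u.expiryDate < :expiryDate", [ expiryDate: new Date() ])

        // Spell out the int-to-boolean conversion the declared return type implies
        return deleted > 0
    }

    /**
     * Returns the currently logged in user from the database or null if no user is logged in.
     * Only sessions whose expiry date lies in the future are considered.
     *
     * @return the matching session, or null if the pair is missing, unknown or expired
     */
    protected SessionAuthenticatedUser getSessionAuthenticatedUser(String consumer, String token) {
        // A missing consumer or token can never identify a session
        if (!consumer || !token) {
            return null
        }

        def now = new Date()

        // NOTE(review): get() expects at most one matching row - confirm that
        // (consumer, token) is unique in SessionAuthenticatedUser.
        def match = SessionAuthenticatedUser.createCriteria().get {
            and {
                eq("consumer", consumer)
                eq("token", token)
                gt("expiryDate", now)
            }
        }

        return match ?: null
    }

    /**
     * Returns the expiry date for a user that is active now.
     *
     * @return the current time plus expiryTime minutes
     */
    protected Date createExpiryDate() {
        // The long literals force 64-bit arithmetic, so raising expiryTime
        // cannot overflow int and yield an expiry date in the past.
        long lifetimeMillis = AuthenticationService.expiryTime * 60L * 1000L

        return new Date(System.currentTimeMillis() + lifetimeMillis)
    }

    /**
     * Resets the expiry date of the given user. This should be called every time
     * an action occurs with this user. That way, if (in case of a timeout of 60 minutes)
     * he logs in and returns 50 minutes later, he will keep a timeout value of
     * 60 minutes, instead of only 10 minutes.
     *
     * @return true if the new expiry date was saved, false otherwise
     */
    protected boolean updateExpiryDate(SessionAuthenticatedUser user) {
        user.expiryDate = createExpiryDate()
        return user.save(flush: true) != null
    }
}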