Changeset 1939 for trunk/grails-app/services/dbnp/authentication
- Timestamp:
- Jun 24, 2011, 12:56:22 PM (11 years ago)
- Location:
- trunk/grails-app/services/dbnp/authentication
- Files:
-
- 1 added
- 1 edited
trunk/grails-app/services/dbnp/authentication/AuthenticationService.groovy
r1931 r1939 19 19 class AuthenticationService { 20 20 def springSecurityService 21 static final int expiryTime = 12 * 60; // Number of minutes a remotely logged in user remains active21 def remoteAuthenticationService 22 22 23 23 static transactional = true … … 44 44 */ 45 45 public boolean logInRemotely( String consumer, String token, SecUser user ) { 46 // Remove expired users, otherwise they will be kept in the database forever 47 removeExpiredTokens() 48 49 // Make sure there is no other logged in user anymore 50 logOffRemotely( consumer, token ) 51 52 def SAUser = new SessionAuthenticatedUser( consumer: consumer, token: token, secUser: user, expiryDate: createExpiryDate() ) 53 54 return SAUser.save(flush: true) 46 remoteAuthenticationService.logInRemotely( consumer, token, user ); 55 47 } 56 48 57 49 public boolean logOffRemotely( String consumer, String token ) { 58 def user = getSessionAuthenticatedUser(consumer, token) 59 60 if( user ) { 61 user.refresh() 62 user.delete() 63 } 64 65 return true 50 remoteAuthenticationService.logOffRemotely( consumer, token ); 66 51 } 67 52 … … 71 56 */ 72 57 public boolean isRemotelyLoggedIn( String consumer, String token ) { 73 // Check whether a user exists 74 def user = getSessionAuthenticatedUser(consumer, token) 75 76 // Check whether the user is logged in. Since we don't want to return a 77 // user, we explicitly return true or false 78 if( user ) { 79 // The expiry date should be reset 80 updateExpiryDate( user ) 81 82 return true 83 } else { 84 return false 85 } 58 remoteAuthenticationService.isRemotelyLoggedIn( consumer, token ); 86 59 } 87 60 … … 90 63 */ 91 64 public SecUser getRemotelyLoggedInUser( String consumer, String token ) { 92 // Check whether a user exists 93 def user = getSessionAuthenticatedUser(consumer, token) 94 95 return user ? 
user.secUser : null 65 remoteAuthenticationService.getRemotelyLoggedInUser( consumer, token ); 96 66 } 97 67 … … 101 71 */ 102 72 public void deleteRemoteSessions( SecUser user ) { 103 if( user ) { 104 SessionAuthenticatedUser.executeUpdate("delete SessionAuthenticatedUser u where u.secUser = :secUser", [ secUser: user ]) 105 } 106 } 107 108 /** 109 * Removes all tokens for remote logins that have expired 110 */ 111 protected boolean removeExpiredTokens() { 112 SessionAuthenticatedUser.executeUpdate("delete SessionAuthenticatedUser u where u.expiryDate < :expiryDate", [ expiryDate: new Date() ]) 113 } 114 115 /** 116 * Returns the currently logged in user from the database or null if no user is logged in 117 */ 118 protected SessionAuthenticatedUser getSessionAuthenticatedUser( String consumer, String token ) { 119 def c = SessionAuthenticatedUser.createCriteria() 120 def result = c.get { 121 and { 122 eq( "consumer", consumer) 123 eq( "token", token) 124 gt( "expiryDate", new Date()) 125 } 126 } 127 128 if( result ) 129 return result 130 else 131 return null 132 } 133 134 /** 135 * Returns the expiry date for a user that is active now. 136 */ 137 protected Date createExpiryDate() { 138 // Compute expiryDate 139 long now = new Date().getTime(); 140 return new Date( now + AuthenticationService.expiryTime * 60 * 1000 ); 141 142 } 143 144 /** 145 * Resets the expiry date of the given user. This should be called every time 146 * an action occurs with this user. That way, if (in case of a timeout of 60 minutes) 147 * he logs in and returns 50 minutes later, he will keep a timeout value of 148 * 60 minutes, instead of only 10 minutes. 149 */ 150 protected boolean updateExpiryDate( SessionAuthenticatedUser user ) { 151 user.expiryDate = createExpiryDate() 152 return user.save( flush: true ) 73 remoteAuthenticationService.deleteRemoteSessions( user ); 153 74 } 154 75 }
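Review bot: Token expiry is no longer enforced anywhere in this class: the `gt( "expiryDate", new Date())` filter in getSessionAuthenticatedUser, the removeExpiredTokens() call on login and the renewal in updateExpiryDate are all removed, and the new one-line delegates in logInRemotely, isRemotelyLoggedIn and getRemotelyLoggedInUser rely on remoteAuthenticationService for them. That service is the added file, which this section does not show, so it should be checked for the same expiry filter and for the `if( user )` guard that deleteRemoteSessions had before it runs the delete. The delegates also depend on Groovy's implicit return of the last expression; writing `return remoteAuthenticationService.isRemotelyLoggedIn( consumer, token )` (and likewise in the other non-void methods) would make the authentication result explicit. The removal of the public constant `expiryTime` may break any other reference to `AuthenticationService.expiryTime`; none is visible from here.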