Package org.rapidcontext.core.type
Class Session
java.lang.Object
org.rapidcontext.core.storage.StorableObject
org.rapidcontext.core.type.Session
An active client session.
- Version:
- 1.0
-
Field Summary
Modifier and TypeFieldDescriptionstatic final long
The default active session time (5 minutes).static ThreadLocal
<Session> The currently active session (for the current thread).static final long
The expiry timeout (after last access) for anonymous users (30 minutes).static final long
The expiry timeout (after last access) for logged in users (30 days).static final String
The dictionary key for the last access timestamp.static final String
The dictionary key for the user agent string of the web browser.static final String
The dictionary key for the creation timestamp.static final String
The dictionary key for the destruction timestamp.static final String
The dictionary key for the temporary session files.static final String
The dictionary key for the source IP address.static final String
The dictionary key for the user id.static final long
The maximum session age (90 days).static final Path
The session object storage path.Fields inherited from class org.rapidcontext.core.storage.StorableObject
dict, KEY_ACTIVATED_TIME, KEY_CLASSNAME, KEY_ID, KEY_TYPE, PREFIX_COMPUTED, PREFIX_HIDDEN
-
Constructor Summary
-
Method Summary
Modifier and TypeMethodDescriptionReturns the session last access timestamp.void
Adds a file to the session.Returns a stream of all sessions found in the storage.Validates this session and authenticates the user.client()
Returns the session user agent string of the web browser.Returns the session creation timestamp.protected void
destroy()
Destroys this session.Returns the scheduled session destruction timestamp.Returns a session file with the specified unique id.files()
Returns a dictionary of all session files.static Session
Searches for a specific session in the storage.void
Invalidates this session by marking it as expired.ip()
Returns the session source IP address.protected boolean
isActive()
Checks if this object is in active use.boolean
Checks if this session is authenticated (by a user).boolean
Checks if this session has expired.protected boolean
Checks if this object has been modified since initialized from storage.boolean
isNew()
Checks if this session is new (hasn't been stored).protected void
Discards the modified flag for this object.static void
Removes the specified session id from the provided storage.void
Removes and deletes all session files.static void
removeExpired
(Storage storage) Removes all expired sessions from the provided storage.void
removeFile
(String id) Removes and deletes a session file.Returns a serialized representation of this object.void
Sets the session user agent string of the web browser.void
setDestroyTime
(Date date) Sets the scheduled session destruction timestamp.void
Sets the session source IP address.void
Sets the session user identifier if it was previously blank.static void
Stores the specified session in the provided storage.void
Updates the session last access timestamp to the current system time.userId()
Returns the session user identifier.Methods inherited from class org.rapidcontext.core.storage.StorableObject
activate, activatedTime, id, init, path, sterilize, toString, type
-
Field Details
-
PATH
The session object storage path. -
KEY_USER
The dictionary key for the user id.- See Also:
-
KEY_CREATE_TIME
The dictionary key for the creation timestamp.- See Also:
-
KEY_DESTROY_TIME
The dictionary key for the destruction timestamp.- See Also:
-
KEY_ACCESS_TIME
The dictionary key for the last access timestamp.- See Also:
-
KEY_IP
The dictionary key for the source IP address.- See Also:
-
KEY_CLIENT
The dictionary key for the user agent string of the web browser.- See Also:
-
KEY_FILES
The dictionary key for the temporary session files. All these files will be deleted when the session instance is destroyed (removed from in-memory storage).- See Also:
-
EXPIRY_ANON_MILLIS
public static final long EXPIRY_ANON_MILLISThe expiry timeout (after last access) for anonymous users (30 minutes).- See Also:
-
EXPIRY_AUTH_MILLIS
public static final long EXPIRY_AUTH_MILLISThe expiry timeout (after last access) for logged in users (30 days).- See Also:
-
MAX_AGE_MILLIS
public static final long MAX_AGE_MILLISThe maximum session age (90 days).- See Also:
-
ACTIVE_MILLIS
public static final long ACTIVE_MILLISThe default active session time (5 minutes).- See Also:
-
activeSession
The currently active session (for the current thread).
-
-
Constructor Details
-
Session
Creates a new session from a serialized representation.- Parameters:
id
- the object identifiertype
- the object type namedict
- the serialized representation
-
Session
Creates a new session for the specified user.- Parameters:
userId
- the user idip
- the source IP addressclient
- the browser user agent string
-
-
Method Details
-
all
Returns a stream of all sessions found in the storage.- Parameters:
storage
- the storage to search- Returns:
- a stream of session instances found
-
find
Searches for a specific session in the storage.- Parameters:
storage
- the storage to search inid
- the session identifier- Returns:
- the session found, or null if not found
-
store
Stores the specified session in the provided storage.- Parameters:
storage
- the storage to usesession
- the session to store- Throws:
StorageException
- if the session couldn't be stored
-
remove
Removes the specified session id from the provided storage.- Parameters:
storage
- the storage to useid
- the session id to remove
-
removeExpired
Removes all expired sessions from the provided storage. This method will load and examine sessions that have not been modified in 30 minutes.- Parameters:
storage
- the storage to use
-
isActive
protected boolean isActive()Checks if this object is in active use. This method returns true during some minutes after the last access, thereafter false.- Overrides:
isActive
in classStorableObject
- Returns:
- true if the object is active, or false otherwise
- See Also:
-
isModified
protected boolean isModified()Checks if this object has been modified since initialized from storage.- Overrides:
isModified
in classStorableObject
- Returns:
- true if the object has been modified, or false otherwise
-
destroy
protected void destroy()Destroys this session. This method is used to free resources used when the session is no longer in active use. It is called when the session instance is removed from in-memory storage (the object cache).- Overrides:
destroy
in classStorableObject
-
passivate
protected void passivate()Discards the modified flag for this object.- Overrides:
passivate
in classStorableObject
-
isNew
public boolean isNew()Checks if this session is new (hasn't been stored).- Returns:
- true if the session is new, or false otherwise
-
isAuthenticated
public boolean isAuthenticated()Checks if this session is authenticated (by a user).- Returns:
- true if the session is authenticated, or false otherwise
-
isExpired
public boolean isExpired()Checks if this session has expired.- Returns:
- true if the session has expired, or false otherwise
-
userId
Returns the session user identifier.- Returns:
- the session user identifier.
-
setUserId
Sets the session user identifier if it was previously blank. Once a session has been bound to a user, it cannot be bound to another user (or reset to a blank user).- Parameters:
userId
- the new session user identifier- Throws:
SecurityException
- if the session couldn't be bound to the specified user identifier
-
createTime
Returns the session creation timestamp.- Returns:
- the session creation timestamp.
-
destroyTime
Returns the scheduled session destruction timestamp.- Returns:
- the session destruction timestamp.
-
setDestroyTime
Sets the scheduled session destruction timestamp.- Parameters:
date
- the destruction timestamp, or null for default
-
accessTime
Returns the session last access timestamp.- Returns:
- the session last access timestamp.
-
updateAccessTime
public void updateAccessTime()Updates the session last access timestamp to the current system time. -
ip
Returns the session source IP address. May be in either IPv4 or IPv6 format.- Returns:
- the session source IP address.
-
setIp
Sets the session source IP address. May be in either IPv4 or IPv6 format.- Parameters:
ip
- the new session source IP address.
-
client
Returns the session user agent string of the web browser.- Returns:
- the session user agent string.
-
setClient
Sets the session user agent string of the web browser.- Parameters:
client
- the session user agent string.
-
files
Returns a dictionary of all session files. The files are indexed by their unique id.- Returns:
- a dictionary of all files
-
file
Returns a session file with the specified unique id.- Parameters:
id
- the file id- Returns:
- the session file, or null if no such file was found
-
addFile
Adds a file to the session. The file will be automatically deleted when the session expires or is removed from in-memory cache.- Parameters:
id
- the file idfile
- the file to add
-
removeFile
Removes and deletes a session file. If the file has been moved from its original location, it wont be deleted.- Parameters:
id
- the file id
-
removeAllFiles
public void removeAllFiles()Removes and deletes all session files. If the files have been moved from their original location, they wont be deleted. -
authenticate
Validates this session and authenticates the user. If the session has expired or is no longer valid, a security exception is thrown. Note that this method may succeed also if no user is linked to the session.- Returns:
- the authenticated user, i.e. SecurityContext.currentUser()
- Throws:
SecurityException
- if the session wasn't valid
-
invalidate
public void invalidate()Invalidates this session by marking it as expired. This operation is irreversible and will eventually cause the removal of the session in the storage. -
serialize
Returns a serialized representation of this object. Used when persisting to permanent storage or when accessing the object from outside pure Java. Returns a shallow copy of the contained dictionary.- Overrides:
serialize
in classStorableObject
- Returns:
- the serialized representation of this object
-