mirror of
https://github.com/sismics/docs.git
synced 2024-12-22 19:33:47 +01:00
Closes #21: Save IP and UA on login
This commit is contained in:
parent
0228d43442
commit
b2a38cea62
@ -29,6 +29,18 @@ public class AuthenticationToken {
|
||||
@Column(name = "AUT_IDUSER_C", nullable = false, length = 36)
|
||||
private String userId;
|
||||
|
||||
/**
|
||||
* Login IP.
|
||||
*/
|
||||
@Column(name = "AUT_IP_C", nullable = true, length = 45)
|
||||
private String ip;
|
||||
|
||||
/**
|
||||
* Login user agent.
|
||||
*/
|
||||
@Column(name = "AUT_UA_C", nullable = true, length = 1000)
|
||||
private String userAgent;
|
||||
|
||||
/**
|
||||
* Remember the user next time (long lasted session).
|
||||
*/
|
||||
@ -100,6 +112,38 @@ public class AuthenticationToken {
|
||||
public void setLongLasted(boolean longLasted) {
|
||||
this.longLasted = longLasted;
|
||||
}
|
||||
|
||||
/**
|
||||
* Getter of ip.
|
||||
* @return ip
|
||||
*/
|
||||
public String getIp() {
|
||||
return ip;
|
||||
}
|
||||
|
||||
/**
|
||||
* Setter of ip.
|
||||
* @param ip ip
|
||||
*/
|
||||
public void setIp(String ip) {
|
||||
this.ip = ip;
|
||||
}
|
||||
|
||||
/**
|
||||
* Getter of userAgent.
|
||||
* @return userAgent
|
||||
*/
|
||||
public String getUserAgent() {
|
||||
return userAgent;
|
||||
}
|
||||
|
||||
/**
|
||||
* Setter of userAgent.
|
||||
* @param userAgent userAgent
|
||||
*/
|
||||
public void setUserAgent(String userAgent) {
|
||||
this.userAgent = userAgent;
|
||||
}
|
||||
|
||||
/**
|
||||
* Getter of creationDate.
|
||||
@ -142,6 +186,8 @@ public class AuthenticationToken {
|
||||
return Objects.toStringHelper(this)
|
||||
.add("id", "**hidden**")
|
||||
.add("userId", userId)
|
||||
.add("ip", ip)
|
||||
.add("userAgent", userAgent)
|
||||
.add("longLasted", longLasted)
|
||||
.toString();
|
||||
}
|
||||
|
@ -1 +1 @@
|
||||
db.version=9
|
||||
db.version=10
|
@ -0,0 +1,4 @@
|
||||
alter table T_FILE alter column FIL_IDUSER_C set not null;
|
||||
alter table T_AUTHENTICATION_TOKEN add column AUT_IP_C varchar(45);
|
||||
alter table T_AUTHENTICATION_TOKEN add column AUT_UA_C varchar(1000);
|
||||
update T_CONFIG set CFG_VALUE_C='10' where CFG_ID_C='DB_VERSION';
|
@ -1,3 +1,3 @@
|
||||
api.current_version=${project.version}
|
||||
api.min_version=1.0
|
||||
db.version=9
|
||||
db.version=10
|
@ -1,5 +1,6 @@
|
||||
package com.sismics.docs.rest.resource;
|
||||
|
||||
import com.google.common.base.Strings;
|
||||
import com.sismics.docs.core.constant.Constants;
|
||||
import com.sismics.docs.core.dao.jpa.AuthenticationTokenDao;
|
||||
import com.sismics.docs.core.dao.jpa.RoleBaseFunctionDao;
|
||||
@ -288,12 +289,20 @@ public class UserResource extends BaseResource {
|
||||
if (userId == null) {
|
||||
throw new ForbiddenClientException();
|
||||
}
|
||||
|
||||
|
||||
// Get the remote IP
|
||||
String ip = request.getHeader("x-forwarded-for");
|
||||
if (Strings.isNullOrEmpty(ip)) {
|
||||
ip = request.getRemoteAddr();
|
||||
}
|
||||
|
||||
// Create a new session token
|
||||
AuthenticationTokenDao authenticationTokenDao = new AuthenticationTokenDao();
|
||||
AuthenticationToken authenticationToken = new AuthenticationToken();
|
||||
authenticationToken.setUserId(userId);
|
||||
authenticationToken.setLongLasted(longLasted);
|
||||
authenticationToken.setIp(ip);
|
||||
authenticationToken.setUserAgent(StringUtils.abbreviate(request.getHeader("user-agent"), 1000));
|
||||
String token = authenticationTokenDao.create(authenticationToken);
|
||||
|
||||
// Cleanup old session tokens
|
||||
@ -566,6 +575,8 @@ public class UserResource extends BaseResource {
|
||||
for (AuthenticationToken authenticationToken : authenticationTokenDao.getByUserId(principal.getId())) {
|
||||
JSONObject session = new JSONObject();
|
||||
session.put("create_date", authenticationToken.getCreationDate().getTime());
|
||||
session.put("ip", authenticationToken.getIp());
|
||||
session.put("user_agent", authenticationToken.getUserAgent());
|
||||
if (authenticationToken.getLastConnectionDate() != null) {
|
||||
session.put("last_connection_date", authenticationToken.getLastConnectionDate().getTime());
|
||||
}
|
||||
|
@ -4,6 +4,7 @@
|
||||
<tr>
|
||||
<th>Created date</th>
|
||||
<th>Last connection date</th>
|
||||
<th>From</th>
|
||||
<th>Current</th>
|
||||
</tr>
|
||||
</thead>
|
||||
@ -11,6 +12,7 @@
|
||||
<tr ng-repeat="session in sessions | orderBy: '-current'" ng-class="{ 'info': session.current, 'warning': !session.current }">
|
||||
<td>{{ session.create_date | date: 'yyyy-MM-dd HH:mm' }}</td>
|
||||
<td>{{ session.last_connection_date | date: 'yyyy-MM-dd HH:mm' }}</td>
|
||||
<td title="{{ session.user_agent }}">{{ session.ip }}</td>
|
||||
<td><span ng-show="session.current" class="glyphicon glyphicon-ok"></span></td>
|
||||
</tr>
|
||||
</tbody>
|
||||
|
@ -1,3 +1,3 @@
|
||||
api.current_version=${project.version}
|
||||
api.min_version=1.0
|
||||
db.version=9
|
||||
db.version=10
|
@ -144,6 +144,9 @@ public class TestUserResource extends BaseJerseyTest {
|
||||
Assert.assertEquals(Status.OK, Status.fromStatusCode(response.getStatus()));
|
||||
json = response.getEntity(JSONObject.class);
|
||||
Assert.assertTrue(json.getJSONArray("sessions").length() > 0);
|
||||
JSONObject session = json.getJSONArray("sessions").getJSONObject(0);
|
||||
Assert.assertEquals("127.0.0.1", session.getString("ip"));
|
||||
Assert.assertTrue(session.getString("user_agent").startsWith("Java"));
|
||||
|
||||
// Delete all sessions
|
||||
userResource = resource().path("/user/session");
|
||||
|
Loading…
Reference in New Issue
Block a user