Closes #21: Save IP and UA on login

docs-core/src/main/java/com/sismics/docs/core/model/jpa/AuthenticationToken.java

@@ -29,6 +29,18 @@ public class AuthenticationToken {
     @Column(name = "AUT_IDUSER_C", nullable = false, length = 36)
     private String userId;
     
+    /**
+     * Login IP.
+     */
+    @Column(name = "AUT_IP_C", nullable = true, length = 45)
+    private String ip;
+    
+    /**
+     * Login user agent.
+     */
+    @Column(name = "AUT_UA_C", nullable = true, length = 1000)
+    private String userAgent;
+    
     /**
      * Remember the user next time (long lasted session).
      */
@@ -100,6 +112,38 @@ public class AuthenticationToken {
     public void setLongLasted(boolean longLasted) {
         this.longLasted = longLasted;
     }
+    
+    /**
+     * Getter of ip.
+     * @return ip
+     */
+    public String getIp() {
+        return ip;
+    }
+
+    /**
+     * Setter of ip.
+     * @param ip ip
+     */
+    public void setIp(String ip) {
+        this.ip = ip;
+    }
+
+    /**
+     * Getter of userAgent.
+     * @return userAgent
+     */
+    public String getUserAgent() {
+        return userAgent;
+    }
+
+    /**
+     * Setter of userAgent.
+     * @param userAgent userAgent
+     */
+    public void setUserAgent(String userAgent) {
+        this.userAgent = userAgent;
+    }
 
     /**
      * Getter of creationDate.
@@ -142,6 +186,8 @@ public class AuthenticationToken {
         return Objects.toStringHelper(this)
                 .add("id", "**hidden**")
                 .add("userId", userId)
+                .add("ip", ip)
+                .add("userAgent", userAgent)
                 .add("longLasted", longLasted)
                 .toString();
     }

docs-core/src/main/resources/config.properties

@@ -1 +1 @@
-db.version=9
+db.version=10

docs-core/src/main/resources/db/update/dbupdate-010-0.sql

@@ -0,0 +1,4 @@
+alter table T_FILE alter column FIL_IDUSER_C set not null;
+alter table T_AUTHENTICATION_TOKEN add column AUT_IP_C varchar(45);
+alter table T_AUTHENTICATION_TOKEN add column AUT_UA_C varchar(1000);
+update T_CONFIG set CFG_VALUE_C='10' where CFG_ID_C='DB_VERSION';

docs-web/src/dev/resources/config.properties

@@ -1,3 +1,3 @@
 api.current_version=${project.version}
 api.min_version=1.0
-db.version=9
+db.version=10

docs-web/src/main/java/com/sismics/docs/rest/resource/UserResource.java

@@ -1,5 +1,6 @@
 package com.sismics.docs.rest.resource;
 
+import com.google.common.base.Strings;
 import com.sismics.docs.core.constant.Constants;
 import com.sismics.docs.core.dao.jpa.AuthenticationTokenDao;
 import com.sismics.docs.core.dao.jpa.RoleBaseFunctionDao;
@@ -288,12 +289,20 @@ public class UserResource extends BaseResource {
         if (userId == null) {
             throw new ForbiddenClientException();
         }
-            
+        
+        // Get the remote IP
+        String ip = request.getHeader("x-forwarded-for");
+        if (Strings.isNullOrEmpty(ip)) {
+            ip = request.getRemoteAddr();
+        }
+        
         // Create a new session token
         AuthenticationTokenDao authenticationTokenDao = new AuthenticationTokenDao();
         AuthenticationToken authenticationToken = new AuthenticationToken();
         authenticationToken.setUserId(userId);
         authenticationToken.setLongLasted(longLasted);
+        authenticationToken.setIp(ip);
+        authenticationToken.setUserAgent(StringUtils.abbreviate(request.getHeader("user-agent"), 1000));
         String token = authenticationTokenDao.create(authenticationToken);
         
         // Cleanup old session tokens
@@ -566,6 +575,8 @@ public class UserResource extends BaseResource {
         for (AuthenticationToken authenticationToken : authenticationTokenDao.getByUserId(principal.getId())) {
             JSONObject session = new JSONObject();
             session.put("create_date", authenticationToken.getCreationDate().getTime());
+            session.put("ip", authenticationToken.getIp());
+            session.put("user_agent", authenticationToken.getUserAgent());
             if (authenticationToken.getLastConnectionDate() != null) {
                 session.put("last_connection_date", authenticationToken.getLastConnectionDate().getTime());
             }

docs-web/src/main/webapp/src/partial/docs/settings.session.html

@@ -4,6 +4,7 @@
     <tr>
       <th>Created date</th>
       <th>Last connection date</th>
+      <th>From</th>
       <th>Current</th>
     </tr>
   </thead>
@@ -11,6 +12,7 @@
     <tr ng-repeat="session in sessions | orderBy: '-current'" ng-class="{ 'info': session.current, 'warning': !session.current }">
       <td>{{ session.create_date | date: 'yyyy-MM-dd HH:mm' }}</td>
       <td>{{ session.last_connection_date | date: 'yyyy-MM-dd HH:mm' }}</td>
+      <td title="{{ session.user_agent }}">{{ session.ip }}</td>
       <td><span ng-show="session.current" class="glyphicon glyphicon-ok"></span></td>
     </tr>
   </tbody>

docs-web/src/prod/resources/config.properties

@@ -1,3 +1,3 @@
 api.current_version=${project.version}
 api.min_version=1.0
-db.version=9
+db.version=10

docs-web/src/test/java/com/sismics/docs/rest/TestUserResource.java

@@ -144,6 +144,9 @@ public class TestUserResource extends BaseJerseyTest {
         Assert.assertEquals(Status.OK, Status.fromStatusCode(response.getStatus()));
         json = response.getEntity(JSONObject.class);
         Assert.assertTrue(json.getJSONArray("sessions").length() > 0);
+        JSONObject session = json.getJSONArray("sessions").getJSONObject(0);
+        Assert.assertEquals("127.0.0.1", session.getString("ip"));
+        Assert.assertTrue(session.getString("user_agent").startsWith("Java"));
         
         // Delete all sessions
         userResource = resource().path("/user/session");