mirror of
https://github.com/sismics/docs.git
synced 2024-11-25 23:27:57 +01:00
Closes #21: Save IP and UA on login
parent
0228d43442
commit
b2a38cea62
@ -29,6 +29,18 @@ public class AuthenticationToken {
|
|||||||
@Column(name = "AUT_IDUSER_C", nullable = false, length = 36)
|
@Column(name = "AUT_IDUSER_C", nullable = false, length = 36)
|
||||||
private String userId;
|
private String userId;
|
||||||
|
|
||||||
|
/**
|
||||||
|
* Login IP.
|
||||||
|
*/
|
||||||
|
@Column(name = "AUT_IP_C", nullable = true, length = 45)
|
||||||
|
private String ip;
|
||||||
|
|
||||||
|
/**
|
||||||
|
* Login user agent.
|
||||||
|
*/
|
||||||
|
@Column(name = "AUT_UA_C", nullable = true, length = 1000)
|
||||||
|
private String userAgent;
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* Remember the user next time (long lasted session).
|
* Remember the user next time (long lasted session).
|
||||||
*/
|
*/
|
||||||
@ -100,6 +112,38 @@ public class AuthenticationToken {
|
|||||||
public void setLongLasted(boolean longLasted) {
|
public void setLongLasted(boolean longLasted) {
|
||||||
this.longLasted = longLasted;
|
this.longLasted = longLasted;
|
||||||
}
|
}
|
||||||
|
|
||||||
|
/**
|
||||||
|
* Getter of ip.
|
||||||
|
* @return ip
|
||||||
|
*/
|
||||||
|
public String getIp() {
|
||||||
|
return ip;
|
||||||
|
}
|
||||||
|
|
||||||
|
/**
|
||||||
|
* Setter of ip.
|
||||||
|
* @param ip ip
|
||||||
|
*/
|
||||||
|
public void setIp(String ip) {
|
||||||
|
this.ip = ip;
|
||||||
|
}
|
||||||
|
|
||||||
|
/**
|
||||||
|
* Getter of userAgent.
|
||||||
|
* @return userAgent
|
||||||
|
*/
|
||||||
|
public String getUserAgent() {
|
||||||
|
return userAgent;
|
||||||
|
}
|
||||||
|
|
||||||
|
/**
|
||||||
|
* Setter of userAgent.
|
||||||
|
* @param userAgent userAgent
|
||||||
|
*/
|
||||||
|
public void setUserAgent(String userAgent) {
|
||||||
|
this.userAgent = userAgent;
|
||||||
|
}
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* Getter of creationDate.
|
* Getter of creationDate.
|
||||||
@ -142,6 +186,8 @@ public class AuthenticationToken {
|
|||||||
return Objects.toStringHelper(this)
|
return Objects.toStringHelper(this)
|
||||||
.add("id", "**hidden**")
|
.add("id", "**hidden**")
|
||||||
.add("userId", userId)
|
.add("userId", userId)
|
||||||
|
.add("ip", ip)
|
||||||
|
.add("userAgent", userAgent)
|
||||||
.add("longLasted", longLasted)
|
.add("longLasted", longLasted)
|
||||||
.toString();
|
.toString();
|
||||||
}
|
}
|
||||||
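Review bot: The `.add("ip", ip)` and `.add("userAgent", userAgent)` lines added to toString() mean that any log statement printing this entity now records the client address and up to 1000 characters of a client-supplied header, while the same method deliberately masks `id`. Whether the entity is logged anywhere is not visible here; if it is, consider leaving `userAgent` out of the string form. The field Javadoc `Login IP.` could also state where the value comes from, e.g. `Login IP as reported by the request (may come from a forwarding header; not verified).` The signature of toString() lies outside the hunk.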
|
@ -1 +1 @@
|
|||||||
db.version=9
|
db.version=10
|
@ -0,0 +1,4 @@
|
|||||||
|
alter table T_FILE alter column FIL_IDUSER_C set not null;
|
||||||
|
alter table T_AUTHENTICATION_TOKEN add column AUT_IP_C varchar(45);
|
||||||
|
alter table T_AUTHENTICATION_TOKEN add column AUT_UA_C varchar(1000);
|
||||||
|
update T_CONFIG set CFG_VALUE_C='10' where CFG_ID_C='DB_VERSION';
|
@ -1,3 +1,3 @@
|
|||||||
api.current_version=${project.version}
|
api.current_version=${project.version}
|
||||||
api.min_version=1.0
|
api.min_version=1.0
|
||||||
db.version=9
|
db.version=10
|
@ -1,5 +1,6 @@
|
|||||||
package com.sismics.docs.rest.resource;
|
package com.sismics.docs.rest.resource;
|
||||||
|
|
||||||
|
import com.google.common.base.Strings;
|
||||||
import com.sismics.docs.core.constant.Constants;
|
import com.sismics.docs.core.constant.Constants;
|
||||||
import com.sismics.docs.core.dao.jpa.AuthenticationTokenDao;
|
import com.sismics.docs.core.dao.jpa.AuthenticationTokenDao;
|
||||||
import com.sismics.docs.core.dao.jpa.RoleBaseFunctionDao;
|
import com.sismics.docs.core.dao.jpa.RoleBaseFunctionDao;
|
||||||
@ -288,12 +289,20 @@ public class UserResource extends BaseResource {
|
|||||||
if (userId == null) {
|
if (userId == null) {
|
||||||
throw new ForbiddenClientException();
|
throw new ForbiddenClientException();
|
||||||
}
|
}
|
||||||
|
|
||||||
|
// Get the remote IP
|
||||||
|
String ip = request.getHeader("x-forwarded-for");
|
||||||
|
if (Strings.isNullOrEmpty(ip)) {
|
||||||
|
ip = request.getRemoteAddr();
|
||||||
|
}
|
||||||
|
|
||||||
// Create a new session token
|
// Create a new session token
|
||||||
AuthenticationTokenDao authenticationTokenDao = new AuthenticationTokenDao();
|
AuthenticationTokenDao authenticationTokenDao = new AuthenticationTokenDao();
|
||||||
AuthenticationToken authenticationToken = new AuthenticationToken();
|
AuthenticationToken authenticationToken = new AuthenticationToken();
|
||||||
authenticationToken.setUserId(userId);
|
authenticationToken.setUserId(userId);
|
||||||
authenticationToken.setLongLasted(longLasted);
|
authenticationToken.setLongLasted(longLasted);
|
||||||
|
authenticationToken.setIp(ip);
|
||||||
|
authenticationToken.setUserAgent(StringUtils.abbreviate(request.getHeader("user-agent"), 1000));
|
||||||
String token = authenticationTokenDao.create(authenticationToken);
|
String token = authenticationTokenDao.create(authenticationToken);
|
||||||
|
|
||||||
// Cleanup old session tokens
|
// Cleanup old session tokens
|
||||||
@ -566,6 +575,8 @@ public class UserResource extends BaseResource {
|
|||||||
for (AuthenticationToken authenticationToken : authenticationTokenDao.getByUserId(principal.getId())) {
|
for (AuthenticationToken authenticationToken : authenticationTokenDao.getByUserId(principal.getId())) {
|
||||||
JSONObject session = new JSONObject();
|
JSONObject session = new JSONObject();
|
||||||
session.put("create_date", authenticationToken.getCreationDate().getTime());
|
session.put("create_date", authenticationToken.getCreationDate().getTime());
|
||||||
|
session.put("ip", authenticationToken.getIp());
|
||||||
|
session.put("user_agent", authenticationToken.getUserAgent());
|
||||||
if (authenticationToken.getLastConnectionDate() != null) {
|
if (authenticationToken.getLastConnectionDate() != null) {
|
||||||
session.put("last_connection_date", authenticationToken.getLastConnectionDate().getTime());
|
session.put("last_connection_date", authenticationToken.getLastConnectionDate().getTime());
|
||||||
}
|
}
|
||||||
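Review bot: The `request.getHeader("x-forwarded-for")` read in the login hunk is trusted unconditionally, so the address stored by `setIp(ip)` and later returned in the session list is whatever the client sent, unless a reverse proxy in front of the application overwrites the header. The header may also carry a comma-separated chain of addresses. Unlike the user agent, it is not bounded before it goes into a column declared with length 45, so an oversized value could make the token insert fail during login, depending on how the database handles it. I would honour the header only when the direct peer from `request.getRemoteAddr()` is a known proxy, and bound the value in any case, e.g. `ip = StringUtils.abbreviate(ip, 45);`. The enclosing login method starts and ends outside the hunk.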
|
@ -4,6 +4,7 @@
|
|||||||
<tr>
|
<tr>
|
||||||
<th>Created date</th>
|
<th>Created date</th>
|
||||||
<th>Last connection date</th>
|
<th>Last connection date</th>
|
||||||
|
<th>From</th>
|
||||||
<th>Current</th>
|
<th>Current</th>
|
||||||
</tr>
|
</tr>
|
||||||
</thead>
|
</thead>
|
||||||
@ -11,6 +12,7 @@
|
|||||||
<tr ng-repeat="session in sessions | orderBy: '-current'" ng-class="{ 'info': session.current, 'warning': !session.current }">
|
<tr ng-repeat="session in sessions | orderBy: '-current'" ng-class="{ 'info': session.current, 'warning': !session.current }">
|
||||||
<td>{{ session.create_date | date: 'yyyy-MM-dd HH:mm' }}</td>
|
<td>{{ session.create_date | date: 'yyyy-MM-dd HH:mm' }}</td>
|
||||||
<td>{{ session.last_connection_date | date: 'yyyy-MM-dd HH:mm' }}</td>
|
<td>{{ session.last_connection_date | date: 'yyyy-MM-dd HH:mm' }}</td>
|
||||||
|
<td title="{{ session.user_agent }}">{{ session.ip }}</td>
|
||||||
<td><span ng-show="session.current" class="glyphicon glyphicon-ok"></span></td>
|
<td><span ng-show="session.current" class="glyphicon glyphicon-ok"></span></td>
|
||||||
</tr>
|
</tr>
|
||||||
</tbody>
|
</tbody>
|
||||||
|
@ -1,3 +1,3 @@
|
|||||||
api.current_version=${project.version}
|
api.current_version=${project.version}
|
||||||
api.min_version=1.0
|
api.min_version=1.0
|
||||||
db.version=9
|
db.version=10
|
@ -144,6 +144,9 @@ public class TestUserResource extends BaseJerseyTest {
|
|||||||
Assert.assertEquals(Status.OK, Status.fromStatusCode(response.getStatus()));
|
Assert.assertEquals(Status.OK, Status.fromStatusCode(response.getStatus()));
|
||||||
json = response.getEntity(JSONObject.class);
|
json = response.getEntity(JSONObject.class);
|
||||||
Assert.assertTrue(json.getJSONArray("sessions").length() > 0);
|
Assert.assertTrue(json.getJSONArray("sessions").length() > 0);
|
||||||
|
JSONObject session = json.getJSONArray("sessions").getJSONObject(0);
|
||||||
|
Assert.assertEquals("127.0.0.1", session.getString("ip"));
|
||||||
|
Assert.assertTrue(session.getString("user_agent").startsWith("Java"));
|
||||||
|
|
||||||
// Delete all sessions
|
// Delete all sessions
|
||||||
userResource = resource().path("/user/session");
|
userResource = resource().path("/user/session");
|
||||||
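Review bot: The new assertions only cover the fallback to `getRemoteAddr()` (the expected `"127.0.0.1"`); nothing exercises the `x-forwarded-for` branch that this commit adds to the login code. A login request sent with that header set, once with a single address and once with a value longer than 45 characters, would pin down what ends up stored and returned in `ip`. The enclosing test method starts and ends outside the hunk.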
|