WebSessionStore performs expiration check on retrieve
Issue: SPR-15963
This commit is contained in:
@@ -80,7 +80,6 @@ public class DefaultWebSessionManager implements WebSessionManager {
|
||||
public Mono<WebSession> getSession(ServerWebExchange exchange) {
|
||||
return Mono.defer(() ->
|
||||
retrieveSession(exchange)
|
||||
.flatMap(session -> removeSessionIfExpired(exchange, session))
|
||||
.flatMap(this.getSessionStore()::updateLastAccessTime)
|
||||
.switchIfEmpty(this.sessionStore.createWebSession())
|
||||
.doOnNext(session -> exchange.getResponse().beforeCommit(() -> save(exchange, session))));
|
||||
@@ -92,14 +91,6 @@ public class DefaultWebSessionManager implements WebSessionManager {
|
||||
.next();
|
||||
}
|
||||
|
||||
private Mono<WebSession> removeSessionIfExpired(ServerWebExchange exchange, WebSession session) {
|
||||
if (session.isExpired()) {
|
||||
this.sessionIdResolver.expireSession(exchange);
|
||||
return this.sessionStore.removeSession(session.getId()).then(Mono.empty());
|
||||
}
|
||||
return Mono.just(session);
|
||||
}
|
||||
|
||||
private Mono<Void> save(ServerWebExchange exchange, WebSession session) {
|
||||
if (session.isExpired()) {
|
||||
return Mono.error(new IllegalStateException(
|
||||
@@ -110,11 +101,14 @@ public class DefaultWebSessionManager implements WebSessionManager {
|
||||
}
|
||||
|
||||
if (!session.isStarted()) {
|
||||
if (hasNewSessionId(exchange, session)) {
|
||||
this.sessionIdResolver.expireSession(exchange);
|
||||
}
|
||||
return Mono.empty();
|
||||
}
|
||||
|
||||
if (hasNewSessionId(exchange, session)) {
|
||||
DefaultWebSessionManager.this.sessionIdResolver.setSessionId(exchange, session.getId());
|
||||
this.sessionIdResolver.setSessionId(exchange, session.getId());
|
||||
}
|
||||
|
||||
return session.save();
|
||||
|
||||
@@ -77,7 +77,17 @@ public class InMemoryWebSessionStore implements WebSessionStore {
|
||||
|
||||
@Override
|
||||
public Mono<WebSession> retrieveSession(String id) {
|
||||
return (this.sessions.containsKey(id) ? Mono.just(this.sessions.get(id)) : Mono.empty());
|
||||
WebSession session = this.sessions.get(id);
|
||||
if (session == null) {
|
||||
return Mono.empty();
|
||||
}
|
||||
else if (session.isExpired()) {
|
||||
this.sessions.remove(id);
|
||||
return Mono.empty();
|
||||
}
|
||||
else {
|
||||
return Mono.just(session);
|
||||
}
|
||||
}
|
||||
|
||||
@Override
|
||||
|
||||
@@ -40,8 +40,10 @@ public interface WebSessionStore {
|
||||
|
||||
/**
|
||||
* Return the WebSession for the given id.
|
||||
* <p><strong>Note:</strong> This method should perform an expiration check,
|
||||
* remove the session if it has expired and return empty.
|
||||
* @param sessionId the session to load
|
||||
* @return the session, or an empty {@code Mono}.
|
||||
* @return the session, or an empty {@code Mono} .
|
||||
*/
|
||||
Mono<WebSession> retrieveSession(String sessionId);
|
||||
|
||||
|
||||
Reference in New Issue
Block a user