From 07dbc1fca82713d26cdd39f55e37ec228b144ee1 Mon Sep 17 00:00:00 2001
From: Rainnny7
Date: Thu, 19 Sep 2024 04:12:07 -0400
Subject: [PATCH] store extra data in user sessions
---
 .../api/config/WebSecurityConfig.java | 2 +-
 .../api/controller/v1/AuthController.java | 7 ---
 .../model/user/response/UserAuthResponse.java | 2 +-
 .../api/model/user/{ => session}/Session.java | 12 ++--
 .../model/user/session/SessionLocation.java | 57 +++++++++++++++++++
 .../api/repository/SessionRepository.java | 2 +-
 .../cc/pulseapp/api/service/AuthService.java | 4 +-
 7 files changed, 67 insertions(+), 19 deletions(-)
 rename src/main/java/cc/pulseapp/api/model/user/{ => session}/Session.java (79%)
 create mode 100644 src/main/java/cc/pulseapp/api/model/user/session/SessionLocation.java
diff --git a/src/main/java/cc/pulseapp/api/config/WebSecurityConfig.java b/src/main/java/cc/pulseapp/api/config/WebSecurityConfig.java
index b817fcc..dd11838 100644
--- a/src/main/java/cc/pulseapp/api/config/WebSecurityConfig.java
+++ b/src/main/java/cc/pulseapp/api/config/WebSecurityConfig.java
@@ -1,7 +1,7 @@
 package cc.pulseapp.api.config;
 import cc.pulseapp.api.model.IGenericResponse;
-import cc.pulseapp.api.model.user.Session;
+import cc.pulseapp.api.model.user.session.Session;
 import cc.pulseapp.api.repository.SessionRepository;
 import jakarta.servlet.http.HttpServletRequest;
 import lombok.NonNull;
diff --git a/src/main/java/cc/pulseapp/api/controller/v1/AuthController.java b/src/main/java/cc/pulseapp/api/controller/v1/AuthController.java
index 96b3f68..af5f30b 100644
--- a/src/main/java/cc/pulseapp/api/controller/v1/AuthController.java
+++ b/src/main/java/cc/pulseapp/api/controller/v1/AuthController.java
@@ -16,8 +16,6 @@ import org.springframework.web.bind.annotation.RequestMapping;
 import org.springframework.web.bind.annotation.ResponseBody;
 import org.springframework.web.bind.annotation.RestController;
-import java.util.Iterator;
-
 /**
 * This controller is responsible for handling
 * {@link User} authentication requests.
@@ -60,11 +58,6 @@ public final class AuthController {
 */
 @PostMapping("/login") @ResponseBody @NonNull
 public ResponseEntity login(@NonNull HttpServletRequest request, UserLoginInput input) throws BadRequestException {
- Iterator iterator = request.getHeaderNames().asIterator();
- while (iterator.hasNext()) {
- String name = iterator.next();
- System.out.println("header: " + name + " = " + request.getHeader(name));
- }
 return ResponseEntity.ok(authService.loginUser(request, input));
 }
 }
\ No newline at end of file
diff --git a/src/main/java/cc/pulseapp/api/model/user/response/UserAuthResponse.java b/src/main/java/cc/pulseapp/api/model/user/response/UserAuthResponse.java
index acb7841..50cd0f0 100644
--- a/src/main/java/cc/pulseapp/api/model/user/response/UserAuthResponse.java
+++ b/src/main/java/cc/pulseapp/api/model/user/response/UserAuthResponse.java
@@ -1,6 +1,6 @@
 package cc.pulseapp.api.model.user.response;
-import cc.pulseapp.api.model.user.Session;
+import cc.pulseapp.api.model.user.session.Session;
 import cc.pulseapp.api.model.user.UserDTO;
 import lombok.AllArgsConstructor;
 import lombok.Getter;
diff --git a/src/main/java/cc/pulseapp/api/model/user/Session.java b/src/main/java/cc/pulseapp/api/model/user/session/Session.java
similarity index 79%
rename from src/main/java/cc/pulseapp/api/model/user/Session.java
rename to src/main/java/cc/pulseapp/api/model/user/session/Session.java
index 4211130..ba3d2e6 100644
--- a/src/main/java/cc/pulseapp/api/model/user/Session.java
+++ b/src/main/java/cc/pulseapp/api/model/user/session/Session.java
@@ -1,5 +1,6 @@
-package cc.pulseapp.api.model.user;
+package cc.pulseapp.api.model.user.session;
+import cc.pulseapp.api.model.user.User;
 import com.fasterxml.jackson.annotation.JsonIgnore;
 import lombok.AllArgsConstructor;
 import lombok.Getter;
@@ -37,14 +38,9 @@ public final class Session {
 @Indexed @NonNull private final String refreshToken;
 /**
- * The IP address of the user that created this session.
+ * The location this session originated from.
 */
- @NonNull @JsonIgnore private final String ipAddress;
-
- /**
- * The user agent of the user that created this session.
- */
- @NonNull @JsonIgnore private final String userAgent;
+ @NonNull @JsonIgnore private final SessionLocation location;
 /**
 * The unix timestamp of when this token expires.
diff --git a/src/main/java/cc/pulseapp/api/model/user/session/SessionLocation.java b/src/main/java/cc/pulseapp/api/model/user/session/SessionLocation.java
new file mode 100644
index 0000000..b640afc
--- /dev/null
+++ b/src/main/java/cc/pulseapp/api/model/user/session/SessionLocation.java
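Review bot: Sessions stored before this change carry `ipAddress` and `userAgent` but no `location`, and the replacement field in the second hunk is declared `@NonNull ... private final SessionLocation location`, so reading an old record back through `SessionRepository` will presumably either trip the generated null check or produce a session whose location is null. How stored sessions are mapped is not visible in this hunk, so this needs confirming; if it holds, either clear existing sessions as part of the deploy or allow the field to be absent for legacy records. The field's Javadoc could also say what it now holds, for example `The location (IP, geolocation headers, user agent) this session originated from; excluded from JSON output.` The class body starts and ends outside the hunk.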
@@ -0,0 +1,57 @@
+package cc.pulseapp.api.model.user.session;
+
+import cc.pulseapp.api.common.RequestUtils;
+import jakarta.servlet.http.HttpServletRequest;
+import lombok.*;
+
+/**
+ * The location a {@link Session} originated from.
+ *
+ * @author Braydon
+ */
+@AllArgsConstructor(access = AccessLevel.PRIVATE) @Getter @ToString
+public final class SessionLocation {
+ /**
+ * The IP address that created the session.
+ */
+ @NonNull private final String ip;
+
+ /**
+ * The country of the person that
+ * created the session, if known.
+ */
+ private final String country;
+
+ /**
+ * The region of the person that
+ * created the session, if known.
+ */
+ private final String region;
+
+ /**
+ * The city of the person that
+ * created the session, if known.
+ */
+ private final String city;
+
+ /**
+ * The user agent of the person
+ * that created the session.
+ */
+ @NonNull private final String userAgent;
+
+ /**
+ * Build a location from the given request.
+ *
+ * @param request the request to build from
+ * @return the session location
+ */
+ @NonNull
+ public static SessionLocation buildFromRequest(@NonNull HttpServletRequest request) {
+ return new SessionLocation(
+ RequestUtils.getRealIp(request), request.getHeader("CF-IPCountry"),
+ request.getHeader("CF-Region"), request.getHeader("CF-IPCity"),
+ RequestUtils.getUserAgent(request)
+ );
+ }
+}
\ No newline at end of file
diff --git a/src/main/java/cc/pulseapp/api/repository/SessionRepository.java b/src/main/java/cc/pulseapp/api/repository/SessionRepository.java
index ba81a80..d3793cd 100644
--- a/src/main/java/cc/pulseapp/api/repository/SessionRepository.java
+++ b/src/main/java/cc/pulseapp/api/repository/SessionRepository.java
@@ -1,6 +1,6 @@
 package cc.pulseapp.api.repository;
-import cc.pulseapp.api.model.user.Session;
+import cc.pulseapp.api.model.user.session.Session;
 import lombok.NonNull;
 import org.springframework.data.repository.CrudRepository;
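Review bot: `buildFromRequest` copies `CF-IPCountry`, `CF-Region` and `CF-IPCity` straight from the request into the stored session, and those headers are only as trustworthy as the path the request took: if the origin can be reached without passing through the proxy that sets them, the client chooses the values. Nothing here bounds their length or rejects blank values either, so arbitrary text is persisted with every session. The class Javadoc should say that country, region and city are advisory and must not drive security decisions unless the deployment only accepts proxied traffic, and the values should be normalised before they are stored, as sketched below. Separately, `userAgent` is `@NonNull`; whether `RequestUtils.getUserAgent` can return null for a request without that header is not visible here and should be confirmed.

```java
// … unchanged: class header and fields …

/** Longest geolocation header value that is stored; longer values are treated as unknown. */
private static final int MAX_GEO_HEADER_LENGTH = 64;

@NonNull
public static SessionLocation buildFromRequest(@NonNull HttpServletRequest request) {
    return new SessionLocation(
            RequestUtils.getRealIp(request), geoHeader(request, "CF-IPCountry"),
            geoHeader(request, "CF-Region"), geoHeader(request, "CF-IPCity"),
            RequestUtils.getUserAgent(request)
    );
}

/**
 * Read a proxy-supplied geolocation header, mapping a missing, blank
 * or oversized value to null so that it is stored as "unknown".
 */
private static String geoHeader(@NonNull HttpServletRequest request, @NonNull String name) {
    String value = request.getHeader(name);
    if (value == null) {
        return null;
    }
    value = value.strip();
    return value.isEmpty() || value.length() > MAX_GEO_HEADER_LENGTH ? null : value;
}
```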
diff --git a/src/main/java/cc/pulseapp/api/service/AuthService.java b/src/main/java/cc/pulseapp/api/service/AuthService.java index f2a80c5..d8934d7 100644 --- a/src/main/java/cc/pulseapp/api/service/AuthService.java +++ b/src/main/java/cc/pulseapp/api/service/AuthService.java @@ -11,6 +11,8 @@ import cc.pulseapp.api.model.user.*; import cc.pulseapp.api.model.user.input.UserLoginInput; import cc.pulseapp.api.model.user.input.UserRegistrationInput; import cc.pulseapp.api.model.user.response.UserAuthResponse; +import cc.pulseapp.api.model.user.session.Session; +import cc.pulseapp.api.model.user.session.SessionLocation; import cc.pulseapp.api.repository.SessionRepository; import cc.pulseapp.api.repository.UserRepository; import jakarta.servlet.http.HttpServletRequest; @@ -166,7 +168,7 @@ public final class AuthService { snowflakeService.generateSnowflake(), user.getSnowflake(), StringUtils.generateRandom(128, true, true, false), StringUtils.generateRandom(128, true, true, false), - RequestUtils.getRealIp(request), RequestUtils.getUserAgent(request), + SessionLocation.buildFromRequest(request), System.currentTimeMillis() + TimeUnit.DAYS.toMillis(30L) )); }