[+] Find session when validating request

2024-02-26 00:32:38 -05:00
parent c9ffd3cd11
commit b89147120c
2 changed files with 19 additions and 6 deletions
--- a/src/main/java/icu/samnyan/aqua/sega/allnet/AllNetSecure.kt
+++ b/src/main/java/icu/samnyan/aqua/sega/allnet/AllNetSecure.kt
@@ -23,7 +23,8 @@ import org.springframework.web.servlet.config.annotation.WebMvcConfigurer
@Component
@ConditionalOnBean(AllNetSecureInit::class)
 class TokenChecker(
-    val keyChipRepo: KeyChipRepo
+    val keyChipRepo: KeyChipRepo,
+    val keychipSessionService: KeychipSessionService,
 ) : HandlerInterceptor {
    val log = LoggerFactory.getLogger(TokenChecker::class.java)

@@ -40,7 +41,8 @@ class TokenChecker(

        // Check whether the token exists in the database
        // The token can either be a keychip id (old method) or a session id (new method)
-        if (token.isNotBlank() && keyChipRepo.existsByKeychipId(token))
+        val session = keychipSessionService.find(token)
+        if (token.isNotBlank() && (keyChipRepo.existsByKeychipId(token) || session != null))
        {
            // Forward the request
            val w = RewriteWrapper(req, token).apply { setAttribute("token", token) }
--- a/src/main/java/icu/samnyan/aqua/sega/allnet/KeychipSession.kt
+++ b/src/main/java/icu/samnyan/aqua/sega/allnet/KeychipSession.kt
@@ -26,7 +26,7 @@ class KeychipSession(
    val token: String = genUrlSafeToken(32),

    @Column(nullable = false)
-    val lastUse: Long = System.currentTimeMillis()
+    var lastUse: Long = System.currentTimeMillis()
 )


@@ -45,9 +45,6 @@ interface KeychipSessionRepo : JpaRepository<KeychipSession, String> {
    fun deleteAllByLastUseBefore(expire: Long)
 }

-/**
- * Service to regularly delete unused keychip sessions.
- */
@Service
 class KeychipSessionService(
    val keychipSessionRepo: KeychipSessionRepo,
@@ -55,6 +52,9 @@ class KeychipSessionService(
 ) {
    val logger = LoggerFactory.getLogger(KeychipSessionService::class.java)

+    /**
+     * Delete sessions that are older than the expire time.
+     */
    @Scheduled(fixedDelayString = "\${allnet.server.keychip-ses-clean-interval}")
    fun cleanup() {
        logger.info("!!! Keychip session cleanup !!!")
@@ -62,8 +62,19 @@ class KeychipSessionService(
        keychipSessionRepo.deleteAllByLastUseBefore(expire)
    }

+    /**
+     * Create a new session.
+     */
    fun new(user: AquaNetUser): KeychipSession {
        val session = KeychipSession(user = user)
        return keychipSessionRepo.save(session)
    }
+
+    /**
+     * Find a session. If found, renew the last use time.
+     */
+    fun find(token: String) = keychipSessionRepo.findByToken(token)?.apply {
+        lastUse = System.currentTimeMillis()
+        keychipSessionRepo.save(this)
+    }
 }