From 7058cfa211d6d2d7215b2aca475f7966f9d8166a Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?J=C3=B6rg=20Prante?= <joergprante@gmail.com>
Date: Fri, 19 Apr 2024 17:12:22 +0200
Subject: [PATCH] drop last modified extra field from session, do not keep user
 profile in session

---
 .../net/http/server/session/BaseSession.java  | 55 ++++++-------------
 .../session/IncomingContextHandler.java       |  2 +-
 .../xbib/net/http/server/session/Session.java |  2 -
 3 files changed, 18 insertions(+), 41 deletions(-)

diff --git a/net-http-server/src/main/java/org/xbib/net/http/server/session/BaseSession.java b/net-http-server/src/main/java/org/xbib/net/http/server/session/BaseSession.java
index 585f03c..afa22a8 100644
--- a/net-http-server/src/main/java/org/xbib/net/http/server/session/BaseSession.java
+++ b/net-http-server/src/main/java/org/xbib/net/http/server/session/BaseSession.java
@@ -6,6 +6,7 @@ import java.util.Collection;
 import java.util.LinkedHashMap;
 import java.util.Map;
 import java.util.Set;
+
 import org.xbib.datastructures.common.LRUCache;
 import org.xbib.net.UserProfile;
 
@@ -13,8 +14,6 @@ public class BaseSession implements Session {
 
     static String CREATED_FIELD = "_created_";
 
-    static String LAST_MODIFIED_FIELD = "_lastmodified_";
-
     static String CACHE_PREFIX = "_cache_";
 
     private final SessionListener sessionListener;
@@ -83,42 +82,26 @@ public class BaseSession implements Session {
 
     @Override
     public boolean isExpired() {
-        String string = (String) get(LAST_MODIFIED_FIELD);
-        if (string == null) {
-            string = (String) get(CREATED_FIELD);
-        }
-        if (string == null) {
-            return false;
-        }
-        Instant now = Instant.now();
-        Instant lastModified = Instant.parse(string);
-        return Duration.between(lastModified, now).compareTo(lifetime) > 0;
-    }
-
-    public void setUserProfile(UserProfile userProfile) {
-        this.userProfile = userProfile;
-    }
-
-    public UserProfile getUserProfile() {
-        return userProfile;
-    }
-
-    @Override
-    public boolean isAuthenticated() {
-        return userProfile != null && userProfile.getUserId() != null;
-    }
-
-    @Override
-    public boolean hasPayload() {
-        return !isEmpty() &&
-                !(size() == 1 && containsKey(CREATED_FIELD)) &&
-                !(size() == 2 && containsKey(CREATED_FIELD) && containsKey(LAST_MODIFIED_FIELD));
+        return getAge().compareTo(lifetime) > 0;
     }
 
     @Override
     public Duration getAge() {
-        Instant instant = containsKey(CREATED_FIELD) ? Instant.parse(get(CREATED_FIELD).toString()) : Instant.now();
-        return Duration.between(instant, Instant.now());
+        return Duration.between(getLastModified(), Instant.now());
+    }
+
+    public Instant getLastModified() {
+        String string = (String) get(CREATED_FIELD);
+        return string == null ? Instant.now() : Instant.parse(string);
+    }
+
+    public Duration getLifetime() {
+        return lifetime;
+    }
+
+    @Override
+    public boolean hasPayload() {
+        return !isEmpty() && !(size() == 1 && containsKey(CREATED_FIELD));
     }
 
     @Override
@@ -201,10 +184,6 @@ public class BaseSession implements Session {
         return map.toString();
     }
 
-    public void setLastModified() {
-        put(LAST_MODIFIED_FIELD, Instant.now().toString());
-    }
-
     public int getCacheSize() {
         return cacheSize;
     }
diff --git a/net-http-server/src/main/java/org/xbib/net/http/server/session/IncomingContextHandler.java b/net-http-server/src/main/java/org/xbib/net/http/server/session/IncomingContextHandler.java
index e33adab..fbfb534 100644
--- a/net-http-server/src/main/java/org/xbib/net/http/server/session/IncomingContextHandler.java
+++ b/net-http-server/src/main/java/org/xbib/net/http/server/session/IncomingContextHandler.java
@@ -73,7 +73,7 @@ public class IncomingContextHandler implements HttpHandler {
                             payload = decodeCookie(cookie);
                             logger.log(Level.FINE, "payload from cookie = " + payload);
                             session = toSession(payload);
-                            logger.log(Level.FINE, "session from payload = " + session);
+                            logger.log(Level.FINE, "session from payload = " + session + " expired = " + session.isExpired() + " valid = " + session.isValid());
                             userProfile = toUserProfile(session);
                             logger.log(Level.FINE, "userprofile from session = " + userProfile);
                         } catch (CookieSignatureException e) {
diff --git a/net-http-server/src/main/java/org/xbib/net/http/server/session/Session.java b/net-http-server/src/main/java/org/xbib/net/http/server/session/Session.java
index 04c96e5..2bb6adf 100644
--- a/net-http-server/src/main/java/org/xbib/net/http/server/session/Session.java
+++ b/net-http-server/src/main/java/org/xbib/net/http/server/session/Session.java
@@ -15,8 +15,6 @@ public interface Session extends Map<String, Object> {
 
     boolean isExpired();
 
-    boolean isAuthenticated();
-
     boolean hasPayload();
 
     Duration getAge();