QtWebApp
httpsessionstore.cpp
Go to the documentation of this file.
1 
6 #include "httpsessionstore.h"
7 #include <QDateTime>
8 #include <QUuid>
9 
10 using namespace stefanfrings;
11 
12 HttpSessionStore::HttpSessionStore(const QSettings *settings, QObject* parent)
13  :QObject(parent)
14 {
15  this->settings=settings;
16  connect(&cleanupTimer,SIGNAL(timeout()),this,SLOT(sessionTimerEvent()));
17  cleanupTimer.start(60000);
18  cookieName=settings->value("cookieName","sessionid").toByteArray();
19  expirationTime=settings->value("expirationTime",3600000).toInt();
20  qDebug("HttpSessionStore: Sessions expire after %i milliseconds",expirationTime);
21 }
22 
24 {
25  cleanupTimer.stop();
26 }
27 
29 {
30  // The session ID in the response has priority because this one will be used in the next request.
31  mutex.lock();
32  // Get the session ID from the response cookie
33  QByteArray sessionId=response.getCookies().value(cookieName).getValue();
34  if (sessionId.isEmpty())
35  {
36  // Get the session ID from the request cookie
37  sessionId=request.getCookie(cookieName);
38  }
39  // Clear the session ID if there is no such session in the storage.
40  if (!sessionId.isEmpty())
41  {
42  if (!sessions.contains(sessionId))
43  {
44  qDebug("HttpSessionStore: received invalid session cookie with ID %s",sessionId.data());
45  sessionId.clear();
46  }
47  }
48  mutex.unlock();
49  return sessionId;
50 }
51 
52 HttpSession HttpSessionStore::getSession(HttpRequest& request, HttpResponse& response, bool allowCreate)
53 {
54  QByteArray sessionId=getSessionId(request,response);
55  mutex.lock();
56  if (!sessionId.isEmpty())
57  {
58  HttpSession session=sessions.value(sessionId);
59  if (!session.isNull())
60  {
61  mutex.unlock();
62  // Refresh the session cookie
63  QByteArray cookieName=settings->value("cookieName","sessionid").toByteArray();
64  QByteArray cookiePath=settings->value("cookiePath").toByteArray();
65  QByteArray cookieComment=settings->value("cookieComment").toByteArray();
66  QByteArray cookieDomain=settings->value("cookieDomain").toByteArray();
67  response.setCookie(HttpCookie(cookieName,session.getId(),expirationTime/1000,cookiePath,cookieComment,cookieDomain));
68  session.setLastAccess();
69  return session;
70  }
71  }
72  // Need to create a new session
73  if (allowCreate)
74  {
75  QByteArray cookieName=settings->value("cookieName","sessionid").toByteArray();
76  QByteArray cookiePath=settings->value("cookiePath").toByteArray();
77  QByteArray cookieComment=settings->value("cookieComment").toByteArray();
78  QByteArray cookieDomain=settings->value("cookieDomain").toByteArray();
79  HttpSession session(true);
80  qDebug("HttpSessionStore: create new session with ID %s",session.getId().data());
81  sessions.insert(session.getId(),session);
82  response.setCookie(HttpCookie(cookieName,session.getId(),expirationTime/1000,cookiePath,cookieComment,cookieDomain));
83  mutex.unlock();
84  return session;
85  }
86  // Return a null session
87  mutex.unlock();
88  return HttpSession();
89 }
90 
92 {
93  mutex.lock();
94  HttpSession session=sessions.value(id);
95  mutex.unlock();
96  session.setLastAccess();
97  return session;
98 }
99 
100 void HttpSessionStore::sessionTimerEvent()
101 {
102  mutex.lock();
103  qint64 now=QDateTime::currentMSecsSinceEpoch();
104  QMap<QByteArray,HttpSession>::iterator i = sessions.begin();
105  while (i != sessions.end())
106  {
107  QMap<QByteArray,HttpSession>::iterator prev = i;
108  ++i;
109  HttpSession session=prev.value();
110  qint64 lastAccess=session.getLastAccess();
111  if (now-lastAccess>expirationTime)
112  {
113  qDebug("HttpSessionStore: session %s expired",session.getId().data());
114  sessions.erase(prev);
115  }
116  }
117  mutex.unlock();
118 }
119 
120 
123 {
124  mutex.lock();
125  sessions.remove(session.getId());
126  mutex.unlock();
127 }
QByteArray getId() const
Get the unique ID of this session.
Definition: httpsession.cpp:95
This object represents a HTTP response, used to return something to the web client.
Definition: httpresponse.h:36
QByteArray getCookie(const QByteArray &name) const
Get the value of a cookie.
This object represents a single HTTP request.
Definition: httprequest.h:38
bool isNull() const
Null sessions cannot store data.
virtual ~HttpSessionStore()
Destructor.
QMap< QByteArray, HttpSession > sessions
Storage for the sessions.
qint64 getLastAccess() const
Get the timestamp of last access.
QByteArray getSessionId(HttpRequest &request, HttpResponse &response)
Get the ID of the current HTTP session, if it is valid.
HttpSession getSession(HttpRequest &request, HttpResponse &response, const bool allowCreate=true)
Get the session of a HTTP request, eventually create a new one.
HttpSessionStore(const QSettings *settings, QObject *parent=nullptr)
Constructor.
QMap< QByteArray, HttpCookie > & getCookies()
Get the map of cookies.
void removeSession(const HttpSession session)
Delete a session.
HTTP cookie as defined in RFC 2109.
Definition: httpcookie.h:21
This class stores data for a single HTTP session.
Definition: httpsession.h:23
void setCookie(const HttpCookie &cookie)
Set a cookie.
void setLastAccess()
Set the timestamp of last access, to renew the timeout period.