ra/runelite
1
0
Fork 0
Code Issues Pull Requests Actions 3 Packages Projects Releases Wiki Activity

authfilter: cache sessions

Browse Source
This commit is contained in:
Adam
2019-08-17 23:02:00 -04:00
parent 799a8943d3
commit bd0badf7fc
2 changed files with 42 additions and 12 deletions
Download Patch File Download Diff File Expand all files Collapse all files

2
http-service/src/main/java/net/runelite/http/service/account/AccountService.java
View File

@@ -263,6 +263,8 @@ public class AccountService
return; return;
} }
auth.invalidate(session.getUuid());
try (Connection con = sql2o.open()) try (Connection con = sql2o.open())
{ {
con.createQuery("delete from sessions where uuid = :uuid") con.createQuery("delete from sessions where uuid = :uuid")

52
http-service/src/main/java/net/runelite/http/service/account/AuthFilter.java
View File

@@ -24,14 +24,18 @@
*/ */
package net.runelite.http.service.account; package net.runelite.http.service.account;
import com.google.common.cache.Cache;
import com.google.common.cache.CacheBuilder;
import com.google.common.cache.RemovalNotification;
import java.io.IOException; import java.io.IOException;
import net.runelite.http.service.account.beans.SessionEntry;
import java.sql.Timestamp; import java.sql.Timestamp;
import java.time.Instant; import java.time.Instant;
import java.util.UUID; import java.util.UUID;
import java.util.concurrent.TimeUnit;
import javax.servlet.http.HttpServletRequest; import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse; import javax.servlet.http.HttpServletResponse;
import net.runelite.http.api.RuneLiteAPI; import net.runelite.http.api.RuneLiteAPI;
import net.runelite.http.service.account.beans.SessionEntry;
import org.springframework.beans.factory.annotation.Autowired; import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.beans.factory.annotation.Qualifier; import org.springframework.beans.factory.annotation.Qualifier;
import org.springframework.stereotype.Service; import org.springframework.stereotype.Service;
@@ -43,6 +47,12 @@ public class AuthFilter
{ {
private final Sql2o sql2o; private final Sql2o sql2o;
private final Cache<UUID, SessionEntry> sessionCache = CacheBuilder.newBuilder()
.maximumSize(10000L)
.expireAfterAccess(30, TimeUnit.MINUTES)
.removalListener(this::removalListener)
.build();
@Autowired @Autowired
public AuthFilter(@Qualifier("Runelite SQL2O") Sql2o sql2o) public AuthFilter(@Qualifier("Runelite SQL2O") Sql2o sql2o)
{ {
@@ -59,30 +69,48 @@ public class AuthFilter
} }
UUID uuid = UUID.fromString(runeliteAuth); UUID uuid = UUID.fromString(runeliteAuth);
SessionEntry sessionEntry = sessionCache.getIfPresent(uuid);
if (sessionEntry != null)
{
return sessionEntry;
}
try (Connection con = sql2o.open()) try (Connection con = sql2o.open())
{ {
SessionEntry sessionEntry = con.createQuery("select user, uuid, created from sessions where uuid = :uuid") sessionEntry = con.createQuery("select user, uuid, created, last_used as lastUsed from sessions where uuid = :uuid")
.addParameter("uuid", uuid.toString()) .addParameter("uuid", uuid.toString())
.executeAndFetchFirst(SessionEntry.class); .executeAndFetchFirst(SessionEntry.class);
}
if (sessionEntry == null) if (sessionEntry == null)
{ {
response.sendError(401, "Access denied"); response.sendError(401, "Access denied");
return null; return null;
} }
Instant now = Instant.now(); sessionCache.put(uuid, sessionEntry);
return sessionEntry;
}
private void removalListener(RemovalNotification<UUID, SessionEntry> notification)
{
UUID uuid = notification.getKey();
Instant now = Instant.now();
try (Connection con = sql2o.open())
{
con.createQuery("update sessions set last_used = :last_used where uuid = :uuid") con.createQuery("update sessions set last_used = :last_used where uuid = :uuid")
.addParameter("last_used", Timestamp.from(now)) .addParameter("last_used", Timestamp.from(now))
.addParameter("uuid", uuid.toString()) .addParameter("uuid", uuid.toString())
.executeUpdate(); .executeUpdate();
sessionEntry.setLastUsed(now);
return sessionEntry;
} }
} }
public void invalidate(UUID uuid)
{
// If we ever run multiple services, may need to publish something here to invalidate...
sessionCache.invalidate(uuid);
}
} }