LoggedInFilter.scala

package code.servlets

import java.util.UUID
import javax.servlet._
import javax.servlet.http.{HttpServletRequest, HttpServletResponse}

import code.config.AppSettings
import code.model.AcmApp
import code.model.user.ExtSession._
import net.liftmodules.mongoauth.MongoAuth
import net.liftweb.common.{Empty, Box, Full, Failure}
import net.liftweb.util.Helpers._

class LoggedInFilter extends Filter {

  def doFilter(req: ServletRequest, res: ServletResponse, chain: FilterChain): Unit = {
    val httpReq = req.asInstanceOf[HttpServletRequest]
    val sessionId = httpReq.getSession.getId
    val extSess = for {
      cookies <- Box.legacyNullTest(httpReq.getCookies)
      cookie <- Box(cookies.find { c => c.getName == MongoAuth.extSessionCookieName.vend })
      cookieValue = cookie.getValue
      uuid <- tryo(UUID.fromString(cookieValue)) ?~ "Invalid UUID"
      es <- find(uuid) ?~ "ExtSession not found: %s".format(uuid.toString)
    } yield {
      es
    }
    val resp = res.asInstanceOf[HttpServletResponse]

    extSess match {
      case Failure(msg, _, _) =>
        deleteExtCookie()
        resp.sendRedirect(AppSettings.protocol + "://" + AcmApp.Dashboard.domain + "/login")
      case Full(es) if es.expires.isExpired => // if it's expired, delete it and the cookie
        deleteExtCookie()
        resp.sendRedirect(AppSettings.protocol + "://" + AcmApp.Dashboard.domain + "/login")
      case Empty =>
        resp.sendRedirect(AppSettings.protocol + "://" + AcmApp.Dashboard.domain + "/login")
      case _ =>
        chain.doFilter(req, res)
    }

  }

  def init(config: FilterConfig): Unit = {}

  def destroy(): Unit = {}

}