Skip to content

Instantly share code, notes, and snippets.

@poornerd

poornerd/Secured.java

Created April 1, 2014 19:36
Show Gist options
  • Star 0 You must be signed in to star a gist
  • Fork 1 You must be signed in to fork a gist
  • Save poornerd/9921407 to your computer and use it in GitHub Desktop.
Save poornerd/9921407 to your computer and use it in GitHub Desktop.
Download ZIP
Implementing a session timeout in Play Framework 2
Raw
Secured.java
/*
* How to implement a session timeout in Play Framework 2
* http://www.poornerd.com/2014/04/01/how-to-implement-a-session-timeout-in-play-framework-2/
*
*/
public class Secured extends Security.Authenticator {
public static final String UNAUTHENTICATED = "unauthenticated";
public static User getLoggedInUser() {
if (session("userId") == null)
return null;
return User.findById(Long.parseLong(session("userId")));
}
public static String getLoggedInUsername() {
if (session("userId") == null)
return null;
return User.findById(Long.parseLong(session("userId"))).getUsername();
}
@Override
public String getUsername(Http.Context ctx) {
// see if user is logged in
if (session("userId") == null)
return null;
// see if the session is expired
String previousTick = session("userTime");
if (previousTick != null && !previousTick.equals("")) {
long previousT = Long.valueOf(previousTick);
long currentT = new Date().getTime();
long timeout = Long.valueOf(Play.application().configuration().getString("sessionTimeout")) * 1000 * 60;
if ((currentT - previousT) > timeout) {
// session expired
session().clear();
return null;
}
}
// update time in session
String tickString = Long.toString(new Date().getTime());
session("userTime", tickString);
return User.findById(Long.parseLong(session("userId"))).getUsername();
}
}
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment