qtwebapp::HttpSessionStore Class Reference

#include <httpsessionstore.h>

Inherits QObject.

Collaboration diagram for qtwebapp::HttpSessionStore:

Public Member Functions
	HttpSessionStore (QSettings *settings, QObject *parent=NULL)
	HttpSessionStore (const HttpSessionsSettings &settings, QObject *parent=NULL)
virtual	~HttpSessionStore ()
QByteArray	getSessionId (HttpRequest &request, HttpResponse &response)
HttpSession	getSession (HttpRequest &request, HttpResponse &response, bool allowCreate=true)
HttpSession	getSession (const QByteArray id)
void	removeSession (HttpSession session)
HttpSessionsSettings	getListenerSettings () const
void	setListenerSettings (const HttpSessionsSettings &settings)

Protected Attributes
QMap< QByteArray, HttpSession >	sessions

Private Slots
void	sessionTimerEvent ()

Private Attributes
QSettings *	settings
HttpSessionsSettings	sessionsSettings
QTimer	cleanupTimer
QByteArray	cookieName
int	expirationTime
QMutex	mutex
bool	useQtSettings

Detailed Description

Stores HTTP sessions and deletes them when they have expired. The following configuration settings are required in the config file:

expirationTime=3600000
cookieName=sessionid

The following additional configurations settings are optionally:

cookiePath=/
cookieComment=Session ID
;cookieDomain=stefanfrings.de

Definition at line 38 of file httpsessionstore.h.

Constructor & Destructor Documentation

HttpSessionStore() [1/2]

HttpSessionStore::HttpSessionStore	(	QSettings *	settings,
		QObject *	parent = NULL
	)

Constructor with Qt settings.

Definition at line 13 of file httpsessionstore.cpp.

References cleanupTimer, cookieName, expirationTime, sessionTimerEvent(), and settings.

    :QObject(parent), useQtSettings(true)
{
    this->settings=settings;
    connect(&cleanupTimer,SIGNAL(timeout()),this,SLOT(sessionTimerEvent()));
    cleanupTimer.start(60000);
    cookieName=settings->value("cookieName","sessionid").toByteArray();
    expirationTime=settings->value("expirationTime",3600000).toInt();
    qDebug("HttpSessionStore: Sessions expire after %i milliseconds",expirationTime);
}

Here is the call graph for this function:

HttpSessionStore() [2/2]

HttpSessionStore::HttpSessionStore	(	const HttpSessionsSettings &	settings,
		QObject *	parent = NULL
	)

Constructor with settings structure.

Definition at line 24 of file httpsessionstore.cpp.

References cleanupTimer, qtwebapp::HttpSessionsSettings::cookieName, cookieName, qtwebapp::HttpSessionsSettings::expirationTime, expirationTime, sessionsSettings, sessionTimerEvent(), and settings.

    :QObject(parent), settings(0), useQtSettings(false)
{
    sessionsSettings=settings;
    connect(&cleanupTimer,SIGNAL(timeout()),this,SLOT(sessionTimerEvent()));
    cleanupTimer.start(60000);
    cookieName=QByteArray(qPrintable(settings.cookieName));
    expirationTime=settings.expirationTime;
    qDebug("HttpSessionStore: Sessions expire after %i milliseconds",expirationTime);
}

Here is the call graph for this function:

~HttpSessionStore()

HttpSessionStore::~HttpSessionStore ( )

virtual

Destructor

Definition at line 35 of file httpsessionstore.cpp.

References cleanupTimer.

{
    cleanupTimer.stop();
}

Member Function Documentation

getListenerSettings()

HttpSessionsSettings qtwebapp::HttpSessionStore::getListenerSettings ( ) const

inline

Get a sessions settings copy

Returns

The current sessions settings

Definition at line 91 of file httpsessionstore.h.

{ return sessionsSettings; }

getSession() [1/2]

HttpSession HttpSessionStore::getSession	(	HttpRequest &	request,
		HttpResponse &	response,
		bool	allowCreate = true
	)

Get the session of a HTTP request, eventually create a new one. This method is thread safe. New sessions can only be created before the first byte has been written to the HTTP response.

Parameters

request	Used to get the session cookie
response	Used to get and set the new session cookie
allowCreate	can be set to false, to disable the automatic creation of a new session.

Returns

If autoCreate is disabled, the function returns a null session if there is no session.

See also

HttpSession::isNull()

Definition at line 64 of file httpsessionstore.cpp.

References qtwebapp::HttpSessionsSettings::cookieComment, qtwebapp::HttpSessionsSettings::cookieDomain, qtwebapp::HttpSessionsSettings::cookieName, cookieName, qtwebapp::HttpSessionsSettings::cookiePath, expirationTime, qtwebapp::HttpSession::getId(), getSessionId(), qtwebapp::HttpSession::isNull(), mutex, sessions, sessionsSettings, qtwebapp::HttpResponse::setCookie(), qtwebapp::HttpSession::setLastAccess(), settings, and useQtSettings.

{
    QByteArray sessionId=getSessionId(request,response);
    mutex.lock();
    if (!sessionId.isEmpty())
    {
        HttpSession session=sessions.value(sessionId);
        if (!session.isNull())
        {
            mutex.unlock();
            // Refresh the session cookie
            QByteArray cookieName = useQtSettings ? settings->value("cookieName","sessionid").toByteArray() : QByteArray(qPrintable(sessionsSettings.cookieName));
            QByteArray cookiePath = useQtSettings ? settings->value("cookiePath").toByteArray() : QByteArray(qPrintable(sessionsSettings.cookiePath));
            QByteArray cookieComment = useQtSettings ? settings->value("cookieComment").toByteArray() : QByteArray(qPrintable(sessionsSettings.cookieComment));
            QByteArray cookieDomain = useQtSettings ? settings->value("cookieDomain").toByteArray() : QByteArray(qPrintable(sessionsSettings.cookieDomain));
            response.setCookie(HttpCookie(cookieName,session.getId(),expirationTime/1000,cookiePath,cookieComment,cookieDomain));
            session.setLastAccess();
            return session;
        }
    }
    // Need to create a new session
    if (allowCreate)
    {
        QByteArray cookieName = useQtSettings ? settings->value("cookieName","sessionid").toByteArray() : QByteArray(qPrintable(sessionsSettings.cookieName));
        QByteArray cookiePath = useQtSettings ? settings->value("cookiePath").toByteArray() : QByteArray(qPrintable(sessionsSettings.cookiePath));
        QByteArray cookieComment = useQtSettings ? settings->value("cookieComment").toByteArray() : QByteArray(qPrintable(sessionsSettings.cookieComment));
        QByteArray cookieDomain = useQtSettings ? settings->value("cookieDomain").toByteArray() : QByteArray(qPrintable(sessionsSettings.cookieDomain));
        HttpSession session(true);
        qDebug("HttpSessionStore: create new session with ID %s",session.getId().data());
        sessions.insert(session.getId(),session);
        response.setCookie(HttpCookie(cookieName,session.getId(),expirationTime/1000,cookiePath,cookieComment,cookieDomain));
        mutex.unlock();
        return session;
    }
    // Return a null session
    mutex.unlock();
    return HttpSession();
}

Here is the call graph for this function:

getSession() [2/2]

HttpSession HttpSessionStore::getSession

(

const QByteArray

id

)

Get a HTTP session by it's ID number. This method is thread safe.

Returns

If there is no such session, the function returns a null session.

Parameters

id	ID number of the session

See also

HttpSession::isNull()

Definition at line 103 of file httpsessionstore.cpp.

References mutex, sessions, and qtwebapp::HttpSession::setLastAccess().

{
    mutex.lock();
    HttpSession session=sessions.value(id);
    mutex.unlock();
    session.setLastAccess();
    return session;
}

Here is the call graph for this function:

getSessionId()

QByteArray HttpSessionStore::getSessionId	(	HttpRequest &	request,
		HttpResponse &	response
	)

Get the ID of the current HTTP session, if it is valid. This method is thread safe.

Warning

Sessions may expire at any time, so subsequent calls of getSession() might return a new session with a different ID.

Parameters

request	Used to get the session cookie
response	Used to get and set the new session cookie

Returns

Empty string, if there is no valid session.

Definition at line 40 of file httpsessionstore.cpp.

References cookieName, qtwebapp::HttpRequest::getCookie(), qtwebapp::HttpResponse::getCookies(), mutex, and sessions.

Referenced by getSession().

{
    // The session ID in the response has priority because this one will be used in the next request.
    mutex.lock();
    // Get the session ID from the response cookie
    QByteArray sessionId=response.getCookies().value(cookieName).getValue();
    if (sessionId.isEmpty())
    {
        // Get the session ID from the request cookie
        sessionId=request.getCookie(cookieName);
    }
    // Clear the session ID if there is no such session in the storage.
    if (!sessionId.isEmpty())
    {
        if (!sessions.contains(sessionId))
        {
            qDebug("HttpSessionStore: received invalid session cookie with ID %s",sessionId.data());
            sessionId.clear();
        }
    }
    mutex.unlock();
    return sessionId;
}

Here is the call graph for this function:

Here is the caller graph for this function:

removeSession()

void HttpSessionStore::removeSession

(

HttpSession

session

)

Delete a session

Definition at line 134 of file httpsessionstore.cpp.

References qtwebapp::HttpSession::getId(), mutex, and sessions.

{
    mutex.lock();
    sessions.remove(session.getId());
    mutex.unlock();
}

Here is the call graph for this function:

sessionTimerEvent

void HttpSessionStore::sessionTimerEvent ( )

privateslot

Called every minute to cleanup expired sessions.

Definition at line 112 of file httpsessionstore.cpp.

References expirationTime, qtwebapp::HttpSession::getId(), qtwebapp::HttpSession::getLastAccess(), i, mutex, and sessions.

Referenced by HttpSessionStore().

{
    mutex.lock();
    qint64 now=QDateTime::currentMSecsSinceEpoch();
    QMap<QByteArray,HttpSession>::iterator i = sessions.begin();
    while (i != sessions.end())
    {
        QMap<QByteArray,HttpSession>::iterator prev = i;
        ++i;
        HttpSession session=prev.value();
        qint64 lastAccess=session.getLastAccess();
        if (now-lastAccess>expirationTime)
        {
            qDebug("HttpSessionStore: session %s expired",session.getId().data());
            sessions.erase(prev);
        }
    }
    mutex.unlock();
}

Here is the call graph for this function:

Here is the caller graph for this function:

setListenerSettings()

void qtwebapp::HttpSessionStore::setListenerSettings ( const HttpSessionsSettings &  settings )

inline

Set new sessions settings data

Parameters

sessions

settings to replace current data

Definition at line 97 of file httpsessionstore.h.

{ sessionsSettings = settings; }

Member Data Documentation

cleanupTimer

QTimer qtwebapp::HttpSessionStore::cleanupTimer

private

Timer to remove expired sessions

Definition at line 112 of file httpsessionstore.h.

Referenced by HttpSessionStore(), and ~HttpSessionStore().

cookieName

QByteArray qtwebapp::HttpSessionStore::cookieName

private

Name of the session cookie

Definition at line 115 of file httpsessionstore.h.

Referenced by getSession(), getSessionId(), and HttpSessionStore().

expirationTime

int qtwebapp::HttpSessionStore::expirationTime

private

Time when sessions expire (in ms)

Definition at line 118 of file httpsessionstore.h.

Referenced by getSession(), HttpSessionStore(), and sessionTimerEvent().

mutex

QMutex qtwebapp::HttpSessionStore::mutex

private

Used to synchronize threads

Definition at line 121 of file httpsessionstore.h.

Referenced by getSession(), getSessionId(), removeSession(), and sessionTimerEvent().

sessions

QMap<QByteArray,HttpSession> qtwebapp::HttpSessionStore::sessions

protected

Storage for the sessions

Definition at line 101 of file httpsessionstore.h.

Referenced by getSession(), getSessionId(), removeSession(), and sessionTimerEvent().

sessionsSettings

HttpSessionsSettings qtwebapp::HttpSessionStore::sessionsSettings

private

Configuration settings as a structure

Definition at line 109 of file httpsessionstore.h.

Referenced by getSession(), and HttpSessionStore().

settings

QSettings* qtwebapp::HttpSessionStore::settings

private

Configuration settings as Qt settings

Definition at line 106 of file httpsessionstore.h.

Referenced by getSession(), and HttpSessionStore().

useQtSettings

bool qtwebapp::HttpSessionStore::useQtSettings

private

Settings flag

Definition at line 124 of file httpsessionstore.h.

Referenced by getSession().

---

The documentation for this class was generated from the following files:

• httpserver/httpsessionstore.h
• httpserver/httpsessionstore.cpp