#include <Session.h>

Public Types
enum	{ NOUSER_USER_ID = (int) - 1 , SYSTEM_USER_ID = 0 , DEFAULT_USER_ID = 1 , DEFAULT_GROUP_ID = 2 , GUEST_USER_ID = 10 , NOUSER_ROLE_ID = -1 , SYSTEM_ROLE_ID = 0 , ADMIN_ROLE_ID = 2 , GUEST_ROLE_ID = 10 , DEFAULT_ROLE_ID = 9 }

Public Member Functions
	Session (HttpServletContextEx &ctx, SQLQuery &q, int nServiceUserID)
void	check ()
bool	login (const String &strLoginID, const String &strPassword)
void	logout ()
bool	getMemberRole (int nServiceUserID)
bool	isSysGuest () const
bool	isSysAdmin () const
bool	isMemberGuest () const
bool	isMemberAdmin () const
bool	isOwner (int nResourceUserID) const

Static Public Member Functions
static String	toString (uint64_t n)

Public Attributes
String	__strSessionID
int	__nUserID
String	__strUserName
int	__nRoleID
String	__strRoleName
int	__nSiteUserID
int	__nMemberRoleID
HttpServletContextEx &	__ctx
SQLQuery &	__query
int	__nServiceUserID

Static Public Attributes
static const wchar_t *	SESSION_COOKIE_NAME = L"dclhscsid"

Protected Member Functions
String	create (SQLQuery &q, int nUserID)

Detailed Description

Definition at line 13 of file Session.h.

Member Enumeration Documentation

◆ anonymous enum

anonymous enum

Enumerator
NOUSER_USER_ID
SYSTEM_USER_ID
DEFAULT_USER_ID
DEFAULT_GROUP_ID
GUEST_USER_ID
NOUSER_ROLE_ID
SYSTEM_ROLE_ID
ADMIN_ROLE_ID
GUEST_ROLE_ID
DEFAULT_ROLE_ID

Definition at line 18 of file Session.h.

         {
        NOUSER_USER_ID            = (int) - 1,
        SYSTEM_USER_ID            = 0,
        DEFAULT_USER_ID          = 1,
        DEFAULT_GROUP_ID        = 2,
        GUEST_USER_ID          = 10,
 
        NOUSER_ROLE_ID            = -1,
        SYSTEM_ROLE_ID            = 0,
        ADMIN_ROLE_ID          = 2,
        GUEST_ROLE_ID          = 10,
        DEFAULT_ROLE_ID          = 9,
    };

Constructor & Destructor Documentation

◆ Session()

Session::Session	(	HttpServletContextEx &	ctx,
		SQLQuery &	q,
		int	nServiceUserID )

Definition at line 48 of file Session.cpp.

  : __ctx(ctx), __query(q)
{
    __nUserID = GUEST_USER_ID;
    __nRoleID = GUEST_ROLE_ID;
 
    __nSiteUserID = SYSTEM_USER_ID;
    __nMemberRoleID = GUEST_ROLE_ID;
 
    __nServiceUserID = nServiceUserID;
}

Member Function Documentation

◆ check()

void Session::check ( )

Definition at line 106 of file Session.cpp.

{
    // Guest 세션에서 검사를 시작한다.
    __DCL_ASSERT(__nUserID == GUEST_USER_ID);
 
    SQLQuery& q = __query;
 
    ListedStringToStringMap::ConstIterator it =
        __ctx.__cookieMap.find(SESSION_COOKIE_NAME);
    if (it == __ctx.__cookieMap.end()) {
        // Guest session
        __strSessionID = create(q, __nUserID); 
    }
    else {
        String strSessionID = (*it).value;
        // 세션이 유효한지 확인
        String sql = L""
            "SELECT S.USER_ID, U.USER_NAME, U.ROLE_ID, R.ROLE_NAME"
            "\n FROM DCL_SESSION AS S"
            "\n  INNER JOIN DCL_USER AS U ON (S.USER_ID = U.USER_ID)"
            "\n  INNER JOIN DCL_ROLE AS R ON (U.ROLE_ID = R.ROLE_ID)"
            "\n WHERE SESSION_ID = \'" + strSessionID + L'\'';
        __DCL_TRACE1(L"%ls\n", sql.data());
        q.execute(sql);
 
        q.fetch();
        if (q.eof()) {
            // 세션이 유효하지 않다. 새로운 Guest 세션을 생성한다.
            __strSessionID = create(q, __nUserID);
        }
        else {
            __strSessionID = strSessionID;
            __nUserID = q.fields()[0].asInteger();
            if (__nUserID != GUEST_USER_ID)
            {
                if (!q.fields()[1].isNull())
                    __strUserName = q.fields()[1].asString();
            }
            __nRoleID = __nMemberRoleID = q.fields()[2].asInteger();
            __strRoleName = q.fields()[3].asString();
 
            q.execute(L""
                "UPDATE DCL_SESSION "
                "\n SET LAST_ACCESS = CURRENT_TIMESTAMP "
                "\n WHERE SESSION_ID = \'" + __strSessionID + L'\''
            );
            q.execute(L""
                "UPDATE DCL_USER SET"
                "\n LAST_USE = CURRENT_TIMESTAMP"
                "\n WHERE USER_ID = " + String::valueOf(__nUserID)
            );
        }
    }
}

◆ create()

String Session::create	(	SQLQuery &	q,
		int	nUserID )

protected

Definition at line 63 of file Session.cpp.

{
    // Guest 세션의 생성
    StringBuilder strRemoteAddr = __ctx.remoteAddr();
    strRemoteAddr += L":" + String::valueOf(__ctx.remotePort());
    String str = strRemoteAddr.toString()
        + DateTime::getCurrentLocalTime().toString();
 
    uint64_t ui64[2];
    MD5 md;
    md.update(str.data(), str.length() * sizeof(wchar_t));
    md.final((byte_t*)ui64);
/*
    String strSessionID = UInt64::toString(ui64[0], 32);
    strSessionID += UInt64::toString(ui64[1], 32);
*/
    StringBuilder strSessionID = toString(ui64[0]);
    strSessionID += toString(ui64[1]);
 
//  String strSessionID = MD5::final(str);
 
    HttpSetCookie cookie(
        SESSION_COOKIE_NAME,
        strSessionID,
        0, //time(NULL) + 365 * 24 * 60 * 60,
        L"/"//Files::dirname(__ctx.path())
    );
 
    __ctx.addHeader(cookie);
 
    q.prepare(L""
        "INSERT INTO DCL_SESSION(SESSION_ID, USER_ID, REMOTE_ADDR, LAST_ACCESS)"
        "\n  VALUES(:SESSION_ID, :USER_ID, :REMOTE_ADDR, CURRENT_TIMESTAMP)"
    );
    q.params()[0].setValue(strSessionID);
    q.params()[1].setValue(nUserID);
    q.params()[2].setValue(strRemoteAddr);
 
    q.execute();
 
    return strSessionID;
}

◆ getMemberRole()

bool Session::getMemberRole ( int nServiceUserID )

Definition at line 223 of file Session.cpp.

{
    SQLQuery& q = __query;
    q.execute(L""
        "SELECT ROLE_ID"
        "\n FROM DCL_USER_MEMBER"
        "\n WHERE USER_ID = " + String::valueOf(nServiceUserID) + L""
        "\n  AND MEMBER_ID = " + String::valueOf(__nUserID)
    );
    q.fetch();
    if (q.eof())
        return false;
 
    __nMemberRoleID = q.fields()[0].asInteger();
 
    return true;
}

◆ isMemberAdmin()

bool Session::isMemberAdmin ( ) const

inline

Definition at line 85 of file Session.h.

{
    return (SYSTEM_ROLE_ID <= __nMemberRoleID) && (__nMemberRoleID <= ADMIN_ROLE_ID);
}

◆ isMemberGuest()

bool Session::isMemberGuest ( ) const

inline

Definition at line 80 of file Session.h.

{
    return __nMemberRoleID == GUEST_ROLE_ID;
}

◆ isOwner()

bool Session::isOwner ( int nResourceUserID ) const

inline

Definition at line 90 of file Session.h.

{
    return __nUserID == nResourceUserID;
}

◆ isSysAdmin()

bool Session::isSysAdmin ( ) const

inline

Definition at line 75 of file Session.h.

{
    return (SYSTEM_ROLE_ID <= __nRoleID) && (__nRoleID <= ADMIN_ROLE_ID);
}

◆ isSysGuest()

bool Session::isSysGuest ( ) const

inline

Definition at line 70 of file Session.h.

{
    return __nRoleID == GUEST_ROLE_ID;
}

◆ login()

bool Session::login	(	const String &	strLoginID,
		const String &	strPassword )

Definition at line 161 of file Session.cpp.

{
    __DCL_ASSERT(!__strSessionID.isEmpty());
 
    int nUserID = GUEST_USER_ID;
    SQLQuery& q = __query;
 
    q.prepare(L""
        "SELECT USER_ID, PASSWORD FROM DCL_USER "
        "   WHERE SIGN_ID = :SIGN_ID"
    );
    q.params().byName(L"SIGN_ID").setValue(strSignID);
    q.execute();
    q.fetch();
    if (q.eof())
        return false;
 
    if (q.fields().at(1).isNull()) {
        return false;
    }
 
    String password = q.fields()[1].asString();
    if (!(password.isEmpty() && strPassword.isEmpty())) {
        //      if (MD5::final(strInputPassword) != strPassword)
        if (strPassword != password)
            return false;
    }
 
    String strUserID = q.fields()[0].asString();
 
    q.execute(L""
        "UPDATE DCL_USER SET"
        "\n LAST_SIGNIN = CURRENT_TIMESTAMP, LAST_USE = CURRENT_TIMESTAMP"
        "\n WHERE USER_ID = " + strUserID
    );
 
    q.execute(L""
        "UPDATE DCL_SESSION SET USER_ID = " + strUserID + L""
        "   WHERE SESSION_ID = \'" + __strSessionID + L"\'"
    );
 
    // MySQL에서 UPDATE되는 값이 동일하면 UPDATE되지 않아서
    // affectedRows가 0이 된다.
    //  __DCL_ASSERT(q.affectedRows() > 0);
 
    return true;
}

◆ logout()

void Session::logout ( )

Definition at line 209 of file Session.cpp.

{
    __DCL_ASSERT(!__strSessionID.isEmpty());
 
    if (__nUserID == GUEST_USER_ID)
        return;
 
    SQLQuery& q = __query;
    q.execute(L""
        "UPDATE DCL_SESSION SET USER_ID = " + String::valueOf(GUEST_USER_ID) + L""
        "   WHERE SESSION_ID = \'" + __strSessionID + L"\'"
    );
}

◆ toString()

String Session::toString ( uint64_t n )

static

Definition at line 25 of file Session.cpp.

{
    wchar_t sz[21];
    sz[20] = L'\0';
    int i = 20;
 
    do {
        i--;
        unsigned int r = (unsigned int)(n % 62);
        if (r <= 9)
            sz[i] = r + L'0';
        else if (10 <= r && r <= 35)
            sz[i] = r - 10 + L'A';
        else
            sz[i] = r - 36 + L'a';
 
        n /= 62;
    } while(n);
 
    String str(&sz[i], 20 - i);
    return str;
}

Member Data Documentation

◆ __ctx

HttpServletContextEx& Session::__ctx

Definition at line 41 of file Session.h.

◆ __nMemberRoleID

int Session::__nMemberRoleID

Definition at line 39 of file Session.h.

◆ __nRoleID

int Session::__nRoleID

Definition at line 35 of file Session.h.

◆ __nServiceUserID

int Session::__nServiceUserID

Definition at line 43 of file Session.h.

◆ __nSiteUserID

int Session::__nSiteUserID

Definition at line 38 of file Session.h.

◆ __nUserID

int Session::__nUserID

Definition at line 33 of file Session.h.

◆ __query

SQLQuery& Session::__query

Definition at line 42 of file Session.h.

◆ __strRoleName

String Session::__strRoleName

Definition at line 36 of file Session.h.

◆ __strSessionID

String Session::__strSessionID

Definition at line 32 of file Session.h.

◆ __strUserName

String Session::__strUserName

Definition at line 34 of file Session.h.

◆ SESSION_COOKIE_NAME

__DCL_BEGIN_NAMESPACE const wchar_t * Session::SESSION_COOKIE_NAME = L"dclhscsid"

static

Definition at line 16 of file Session.h.

The documentation for this class was generated from the following files:

Public Types

Public Member Functions

Static Public Member Functions

Public Attributes

Static Public Attributes

Protected Member Functions

Detailed Description

Member Enumeration Documentation

◆ anonymous enum

Constructor & Destructor Documentation

◆ Session()

Member Function Documentation

◆ check()

◆ create()

◆ getMemberRole()

◆ isMemberAdmin()

◆ isMemberGuest()

◆ isOwner()

◆ isSysAdmin()

◆ isSysGuest()

◆ login()

◆ logout()

◆ toString()

Member Data Documentation

◆ __ctx

◆ __nMemberRoleID

◆ __nRoleID

◆ __nServiceUserID

◆ __nSiteUserID

◆ __nUserID

◆ __query

◆ __strRoleName

◆ __strSessionID

◆ __strUserName

◆ SESSION_COOKIE_NAME