@Override
 public WebSession getUserSession(HttpServletRequest request, boolean create) {
   String accessToken = WebRequestUtils.getAccessToken(request);
   if (accessToken == null) {
     return null;
   }
   WebSession session = memoryRepository.getIfPresent(accessToken);
   if (create && session == null) {
     session = loadUserSession(loginService.createUserSession(accessToken, request));
   }
   if (session != null) {
     session.touch();
   }
   return session;
 }
 private WebSession loadUserSession(me.suisui.data.jdbc.po.pub.UsrSession userSession) {
   if (userSession == null) {
     return null;
   }
   WebSession session = new WebSession();
   session.setValue(userSession);
   session.setId(userSession.getAccessToken());
   session.setHost(userSession.getLoginIp());
   Date now = new Date();
   session.setStartTimestamp(now);
   session.setLastAccessTime(now);
   session.setTimeout(-1);
   if (((UsrSession) session.getValue()).getExpireTime().before(now)) {
     session.setExpired(true);
   }
   memoryRepository.put(userSession.getAccessToken(), session);
   return session;
 }
 @Override
 public void onRemoval(RemovalNotification<Serializable, WebSession> notification) {
   Serializable key = notification.getKey();
   WebSession session = notification.getValue();
   if (notification.getCause() == RemovalCause.EXPIRED) {
     // time out cause session expired.
     logger.info("session for {} expired.", session.getId());
   } else {
     // logout cause session be removed.
     logger.info("session for {} stoped.", session.getId());
   }
   session.stop();
   UsrSession userSession = session.getValue();
   userSession.setLastAccessTime(new Timestamp(session.getLastAccessTime().getTime()));
   userSession.setStopTime(new Timestamp(session.getStopTimestamp().getTime()));
   userSessionDao.update(userSession);
 }