@Override @Transactional protected UserDetails processAutoLoginCookie( String[] cookieTokens, HttpServletRequest request, HttpServletResponse response) { PersistentToken token = getPersistentToken(cookieTokens); String login = token.getUser().getLogin(); // Token also matches, so login is valid. Update the token value, keeping the *same* series // number. log.debug( "Refreshing persistent login token for user '{}', series '{}'", login, token.getSeries()); token.setTokenDate(new LocalDate()); token.setTokenValue(generateTokenData()); token.setIpAddress(request.getRemoteAddr()); token.setUserAgent(request.getHeader("User-Agent")); try { persistentTokenRepository.saveAndFlush(token); addCookie(token, request, response); } catch (DataAccessException e) { log.error("Failed to update token: ", e); throw new RememberMeAuthenticationException("Autologin failed due to data access problem", e); } return getUserDetailsService().loadUserByUsername(login); }
private void addCookie( PersistentToken token, HttpServletRequest request, HttpServletResponse response) { setCookie( new String[] {token.getSeries(), token.getTokenValue()}, TOKEN_VALIDITY_SECONDS, request, response); }