@Override
@Transactional
protected UserDetails processAutoLoginCookie(
String[] cookieTokens, HttpServletRequest request, HttpServletResponse response) {
PersistentToken token = getPersistentToken(cookieTokens);
String login = token.getUser().getLogin();
// Token also matches, so login is valid. Update the token value, keeping the *same* series
// number.
log.debug(
"Refreshing persistent login token for user '{}', series '{}'", login, token.getSeries());
token.setTokenDate(LocalDate.now());
token.setTokenValue(generateTokenData());
token.setIpAddress(request.getRemoteAddr());
token.setUserAgent(request.getHeader("User-Agent"));
try {
persistentTokenRepository.saveAndFlush(token);
addCookie(token, request, response);
} catch (DataAccessException e) {
log.error("Failed to update token: ", e);
throw new RememberMeAuthenticationException("Autologin failed due to data access problem", e);
}
return getUserDetailsService().loadUserByUsername(login);
}
private void addCookie(
PersistentToken token, HttpServletRequest request, HttpServletResponse response) {
setCookie(
new String[] {token.getSeries(), token.getTokenValue()},
TOKEN_VALIDITY_SECONDS,
request,
response);
}