Store session expiration

2 files changed, 14 insertions, 4 deletions

diff --git a/src/main/java/org/traccar/api/security/SecurityRequestFilter.java b/src/main/java/org/traccar/api/security/SecurityRequestFilter.java
index e308024da..c33a80015 100644
--- a/src/main/java/org/traccar/api/security/SecurityRequestFilter.java
+++ b/src/main/java/org/traccar/api/security/SecurityRequestFilter.java
@@ -38,6 +38,7 @@ import java.io.IOException;
 import java.lang.reflect.Method;
 import java.nio.charset.StandardCharsets;
 import java.security.GeneralSecurityException;
+import java.util.Date;
 
 public class SecurityRequestFilter implements ContainerRequestFilter {
 
@@ -92,7 +93,8 @@ public class SecurityRequestFilter implements ContainerRequestFilter {
                     User user = loginResult.getUser();
                     if (user != null) {
                         statisticsManager.registerRequest(user.getId());
-                        securityContext = new UserSecurityContext(new UserPrincipal(user.getId()));
+                        securityContext = new UserSecurityContext(
+                                new UserPrincipal(user.getId(), loginResult.getExpiration()));
                     }
                 } catch (StorageException | GeneralSecurityException | IOException e) {
                     throw new WebApplicationException(e);
@@ -101,12 +103,13 @@ public class SecurityRequestFilter implements ContainerRequestFilter {
             } else if (request.getSession() != null) {
 
                 Long userId = (Long) request.getSession().getAttribute(SessionResource.USER_ID_KEY);
+                Date expiration = (Date) request.getSession().getAttribute(SessionResource.EXPIRATION_KEY);
                 if (userId != null) {
                     User user = injector.getInstance(PermissionsService.class).getUser(userId);
                     if (user != null) {
                         user.checkDisabled();
                         statisticsManager.registerRequest(userId);
-                        securityContext = new UserSecurityContext(new UserPrincipal(userId));
+                        securityContext = new UserSecurityContext(new UserPrincipal(userId, expiration));
                     }
                 }
 
diff --git a/src/main/java/org/traccar/api/security/UserPrincipal.java b/src/main/java/org/traccar/api/security/UserPrincipal.java
index 18b84a0e1..83bd06fe9 100644
--- a/src/main/java/org/traccar/api/security/UserPrincipal.java
+++ b/src/main/java/org/traccar/api/security/UserPrincipal.java
@@ -1,5 +1,5 @@
 /*
- * Copyright 2015 - 2020 Anton Tananaev (anton@traccar.org)
+ * Copyright 2015 - 2023 Anton Tananaev (anton@traccar.org)
  *
  * Licensed under the Apache License, Version 2.0 (the "License");
  * you may not use this file except in compliance with the License.
@@ -16,19 +16,26 @@
 package org.traccar.api.security;
 
 import java.security.Principal;
+import java.util.Date;
 
 public class UserPrincipal implements Principal {
 
     private final long userId;
+    private final Date expiration;
 
-    public UserPrincipal(long userId) {
+    public UserPrincipal(long userId, Date expiration) {
         this.userId = userId;
+        this.expiration = expiration;
     }
 
     public Long getUserId() {
         return userId;
     }
 
+    public Date getExpiration() {
+        return expiration;
+    }
+
     @Override
     public String getName() {
         return null;