Best way to check if a user is already logged in

Hi,

i’m checking if a user is already logged in my vaadin 14 app.
What i need is to show a message to the user that is already logged in and close the session to forbid twice login with the same user.

Is there a place to store the current user logged in and retrieve them to check each time a user log in ?

Thanks

To save a user logged in, I use:

VaadinSession session = VaadinSession.getCurrent();
session.setAttribute("username", getUserNamefromTextField());

To check if a user is logged in:

VaadinSession session = VaadinSession.getCurrent();
try {
	session.getAttribute("username").toString()
} catch(Exception e) {
	// no username is session
}

To log them out:

VaadinSession session = VaadinSession.getCurrent();
session.setAttribute("username", null);

Temitayo Odesanmi:
To save a user logged in, I use:

VaadinSession session = VaadinSession.getCurrent();
session.setAttribute("username", getUserNamefromTextField());

To check if a user is logged in:

VaadinSession session = VaadinSession.getCurrent();
try {
	session.getAttribute("username").toString()
} catch(Exception e) {
	// no username is session
}

To log them out:

VaadinSession session = VaadinSession.getCurrent();
session.setAttribute("username", null);

Hi,

thanks for the answer,

May be i did not explained correctely my needs.

The check i need to do is to evaluate if there is a session that is already logged in with the same username i’m trying to login.

I want to avoid double login in different sessions with the same username, for instance two persons can’t access from different computer with the same credentials.

Thanks a lot.

The way I do it:

I have a class StaticApplicationLoader which loads all the “Application Wide data”. It runs on tomcat startup and stays there…

public class StaticApplicationLoader implements ServletContextListener

There I keep a :

public static ConcurrentHashMap<String,UserSessionObject> userSessions = new ConcurrentHashMap<String,UserSessionObject>();
public class UserSessionObject implements Serializable{

	private static final long serialVersionUID = 1L;
	
	private Date 			sessionDate = new Date();
	private VaadinSession 	session;
	private String 			username = "";
	
	public UserSessionObject(){}
	
	public String getUsername() {
		return username;
	}
	public void setUsername(String username) {
		this.username = username;
	}
	public Date getSessionDate() {
		return sessionDate;
	}
	public void setSessionDate(Date sessionDate) {
		this.sessionDate = sessionDate;
	}
	public VaadinSession getSession() {
		return session;
	}
	public void setSession(VaadinSession session) {
		this.session = session;
	}
}

So when someone tries to login (and is successful) I check the userSessions based on the username, and if i.e.
userSessions.containsKey(newLoginUsername) then
userSessions.get(newLoginUsername).getVaadinSession().invalidate()…
This will throw out the old user with the username and keep the new user

private void addSessionForUserWithUsername(String username){
		if(StaticApplicationLoader.userSessions.containsKey(username)){
			removeSessionForUserWithUsername(username); //Clear it first
		}

		UserSessionObject userSession = new UserSessionObject();
		userSession.setSessionDate(new Date());
		userSession.setUsername(username);
		userSession.setSession(DashboardUI.getCurrent().getSession());

		StaticApplicationLoader.userSessions.put(username, userSession);
	}
	
	private void removeSessionForUserWithUsername(String username){
		//Remove from UserSession handler
		if(StaticApplicationLoader.userSessions.containsKey(username)){		
		VaadinService.getCurrent().closeSession(StaticApplicationLoader.userSessions.get(username).getSession());
			StaticApplicationLoader.userSessions.remove(username);
		}
	}

P.S. Note this code is for Vaadin 8. (or 7 can’t remember really)… It should work on Vaadin 10 roughly the same (I think you need to have @WebListener at the StaticApplicationLoader).

Nick R.:
The way I do it:

I have a class StaticApplicationLoader which loads all the “Application Wide data”. It runs on tomcat startup and stays there…

public class StaticApplicationLoader implements ServletContextListener

There I keep a :

public static ConcurrentHashMap<String,UserSessionObject> userSessions = new ConcurrentHashMap<String,UserSessionObject>();
public class UserSessionObject implements Serializable{

	private static final long serialVersionUID = 1L;
	
	private Date 			sessionDate = new Date();
	private VaadinSession 	session;
	private String 			username = "";
	
	public UserSessionObject(){}
	
	public String getUsername() {
		return username;
	}
	public void setUsername(String username) {
		this.username = username;
	}
	public Date getSessionDate() {
		return sessionDate;
	}
	public void setSessionDate(Date sessionDate) {
		this.sessionDate = sessionDate;
	}
	public VaadinSession getSession() {
		return session;
	}
	public void setSession(VaadinSession session) {
		this.session = session;
	}
}

So when someone tries to login (and is successful) I check the userSessions based on the username, and if i.e.
userSessions.containsKey(newLoginUsername) then
userSessions.get(newLoginUsername).getVaadinSession().invalidate()…
This will throw out the old user with the username and keep the new user

private void addSessionForUserWithUsername(String username){
		if(StaticApplicationLoader.userSessions.containsKey(username)){
			removeSessionForUserWithUsername(username); //Clear it first
		}

		UserSessionObject userSession = new UserSessionObject();
		userSession.setSessionDate(new Date());
		userSession.setUsername(username);
		userSession.setSession(DashboardUI.getCurrent().getSession());

		StaticApplicationLoader.userSessions.put(username, userSession);
	}
	
	private void removeSessionForUserWithUsername(String username){
		//Remove from UserSession handler
		if(StaticApplicationLoader.userSessions.containsKey(username)){		
		VaadinService.getCurrent().closeSession(StaticApplicationLoader.userSessions.get(username).getSession());
			StaticApplicationLoader.userSessions.remove(username);
		}
	}

P.S. Note this code is for Vaadin 8. (or 7 can’t remember really)… It should work on Vaadin 10 roughly the same (I think you need to have @WebListener at the StaticApplicationLoader).

HI, Thanks,

it should work as i need.

How can i show a notification to the user that will be logged out ?

THANKS