store sessions in database

Dockerfile

@@ -4,7 +4,6 @@ EXPOSE 8082
 
 RUN mkdir -p /commafeed/data
 VOLUME /commafeed/data
-ENV CF_SESSION_PATH=/commafeed/data/sessions
 ENV CF_DATABASE_URL=jdbc:h2:/commafeed/data/db
 
 COPY commafeed-server/config.yml.example config.yml

commafeed-server/src/main/java/com/commafeed/CommaFeedApplication.java

@@ -147,7 +147,7 @@ public class CommaFeedApplication extends Application<CommaFeedConfiguration> {
 		Injector injector = Guice.createInjector(new CommaFeedModule(hibernateBundle.getSessionFactory(), config, environment.metrics()));
 
 		// session management
-		environment.servlets().setSessionHandler(config.getSessionHandlerFactory().build());
+		environment.servlets().setSessionHandler(config.getSessionHandlerFactory().build(config.getDataSourceFactory()));
 
 		// support for "@SecurityCheck User user" injection
 		environment.jersey().register(new SecurityCheckFactoryProvider.Binder(injector.getInstance(UserService.class)));

commafeed-server/src/main/java/com/commafeed/frontend/session/SessionHandlerFactory.java

@@ -1,24 +1,22 @@
 package com.commafeed.frontend.session;
 
-import java.io.File;
-
 import javax.servlet.SessionTrackingMode;
 
+import org.eclipse.jetty.server.session.DatabaseAdaptor;
 import org.eclipse.jetty.server.session.DefaultSessionCache;
-import org.eclipse.jetty.server.session.FileSessionDataStore;
+import org.eclipse.jetty.server.session.JDBCSessionDataStore;
 import org.eclipse.jetty.server.session.SessionCache;
 import org.eclipse.jetty.server.session.SessionHandler;
 
+import com.codahale.metrics.MetricRegistry;
 import com.fasterxml.jackson.annotation.JsonProperty;
 import com.google.common.collect.ImmutableSet;
 
+import io.dropwizard.db.DataSourceFactory;
 import io.dropwizard.util.Duration;
 
 public class SessionHandlerFactory {
 
-	@JsonProperty
-	private String path = "sessions";
-
 	@JsonProperty
 	private Duration cookieMaxAge = Duration.days(30);
 
@@ -31,26 +29,24 @@ public class SessionHandlerFactory {
 	@JsonProperty
 	private Duration savePeriod = Duration.minutes(5);
 
-	public SessionHandler build() {
-		SessionHandler sessionHandler = new SessionHandler() {
-			{
-				// no setter available for maxCookieAge
-				_maxCookieAge = (int) cookieMaxAge.toSeconds();
-			}
-		};
-		SessionCache sessionCache = new DefaultSessionCache(sessionHandler);
-		sessionHandler.setSessionCache(sessionCache);
-		FileSessionDataStore dataStore = new FileSessionDataStore();
-		sessionCache.setSessionDataStore(dataStore);
-
+	public SessionHandler build(DataSourceFactory dataSourceFactory) {
+		SessionHandler sessionHandler = new SessionHandler();
 		sessionHandler.setHttpOnly(true);
 		sessionHandler.setSessionTrackingModes(ImmutableSet.of(SessionTrackingMode.COOKIE));
 		sessionHandler.setMaxInactiveInterval((int) maxInactiveInterval.toSeconds());
 		sessionHandler.setRefreshCookieAge((int) cookieRefreshAge.toSeconds());
+		sessionHandler.getSessionCookieConfig().setMaxAge((int) cookieMaxAge.toSeconds());
 
-		dataStore.setDeleteUnrestorableFiles(true);
-		dataStore.setStoreDir(new File(path));
+		SessionCache sessionCache = new DefaultSessionCache(sessionHandler);
+		sessionHandler.setSessionCache(sessionCache);
+
+		JDBCSessionDataStore dataStore = new JDBCSessionDataStore();
 		dataStore.setSavePeriodSec((int) savePeriod.toSeconds());
+		sessionCache.setSessionDataStore(dataStore);
+
+		DatabaseAdaptor adaptor = new DatabaseAdaptor();
+		adaptor.setDatasource(dataSourceFactory.build(new MetricRegistry(), "sessions"));
+		dataStore.setDatabaseAdaptor(adaptor);
 
 		return sessionHandler;
 	}