From b9f27b2b00666c2f8ee635b3d46132342e69af3d Mon Sep 17 00:00:00 2001
From: Sankaranarayanan Viswanathan <rationalrevolt@gmail.com>
Date: Sat, 11 Oct 2014 13:24:12 -0400
Subject: [PATCH] Make cookieLogin handle HttpSession by itself

---
 .../com/commafeed/backend/service/UserService.java   |  2 +-
 .../frontend/auth/SecurityCheckProvider.java         | 12 +++++++++++-
 2 files changed, 12 insertions(+), 2 deletions(-)

diff --git a/src/main/java/com/commafeed/backend/service/UserService.java b/src/main/java/com/commafeed/backend/service/UserService.java
index 40a309d8..b146dfd1 100644
--- a/src/main/java/com/commafeed/backend/service/UserService.java
+++ b/src/main/java/com/commafeed/backend/service/UserService.java
@@ -93,7 +93,7 @@ public class UserService {
 	/**
 	 * should triggers after successful login
 	 */
-	private void afterLogin(User user) {
+	public void afterLogin(User user) {
 		postLoginActivities.executeFor(user);
 	}
 
diff --git a/src/main/java/com/commafeed/frontend/auth/SecurityCheckProvider.java b/src/main/java/com/commafeed/frontend/auth/SecurityCheckProvider.java
index a7d95185..df81142c 100644
--- a/src/main/java/com/commafeed/frontend/auth/SecurityCheckProvider.java
+++ b/src/main/java/com/commafeed/frontend/auth/SecurityCheckProvider.java
@@ -1,6 +1,7 @@
 package com.commafeed.frontend.auth;
 
 import javax.servlet.http.HttpServletRequest;
+import javax.servlet.http.HttpSession;
 import javax.ws.rs.WebApplicationException;
 import javax.ws.rs.core.Context;
 import javax.ws.rs.core.HttpHeaders;
@@ -15,6 +16,7 @@ import org.eclipse.jetty.util.StringUtil;
 import com.commafeed.backend.model.User;
 import com.commafeed.backend.model.UserRole.Role;
 import com.commafeed.backend.service.UserService;
+import com.commafeed.frontend.resource.UserREST;
 import com.google.common.base.Optional;
 import com.sun.jersey.api.core.HttpContext;
 import com.sun.jersey.api.model.Parameter;
@@ -67,7 +69,15 @@ public class SecurityCheckProvider implements InjectableProvider<SecurityCheck,
 		}
 
 		Optional<User> cookieSessionLogin() {
-			return userService.login(request.getSession(false));
+			HttpSession session = request.getSession(false);
+			if (session != null) {
+				User user = (User) session.getAttribute(UserREST.SESSION_KEY_USER);
+				if (user != null) {
+					userService.afterLogin(user);
+					return Optional.of(user);
+				}
+			}
+			return Optional.absent();
 		}
 
 		private Optional<User> basicAuthenticationLogin(HttpContext c) {