Question

Is there a way to know which users are currently signed in with a Playframework application using the Secure Social API? If so how?

More generally where and how are currently signed-in users stored in a Play/SecureSocial application?

Was it helpful?

Solution

SecureSocial keeps track of authenticated users using the the AuthenticatorStore plugin. The default implementation uses the Play cache but you can create your own. If you create your own implementation then you can decide where to save the session and then query that to find out what you need.

Another approach could be to write an EventListener. SecureSocial fires Login and Logout events. You can persist those events and that would also give you the active users. You can however loose logout events in this case if the user just closes the browser. I'd say relying in the AuthenticatorStore is more reliable because Authenticators have an expiration that you can check when running a query.

OTHER TIPS

Are you using Play Framework 2 ?

If so, you can create your own UserService, as explained in the documentation : http://securesocial.ws/guide/user-service.html

You can then implement the find(Identity) (in Scala), or doFind(Identity) (in Java) method and choose how to log and store users.

In fact, in these methods, you must log the user depending of the way he connected (Twitter, Facebook ...).

You then also have to implement the save(Identity) (in Scala), or doSave(Identity) method in order to store a user when he creates an account or log for the first time with a specific social network.

If you provide a way to log in with username//password, you must implement the findByEmailAndProvider (in Scala) or doFindByEmailAndProvider method.

So, if you control the way users connect to your site, you can store (and retrieve) the connected users.

Licensed under: CC-BY-SA with attribution
Not affiliated with StackOverflow
scroll top