(#1737) Record login time when authenticating users

quince-science · Jul 2, 2024 · 7fcb42d · 7fcb42d
1 parent 99b36ad
commit 7fcb42d
Show file tree

Hide file tree

Showing 4 changed files with 40 additions and 3 deletions.
diff --git a/WebApp/junit/junit/uk/ac/exeter/QuinCe/User/UserDBTest.java b/WebApp/junit/junit/uk/ac/exeter/QuinCe/User/UserDBTest.java
@@ -27,9 +27,6 @@
  * <b>do not</b> make use of the dummy user defined in
  * {@code WebApp/junit/resources/sql/testbase/user}.
  * </p>
- *
- * @author Steve Jones
- *
  */
 public class UserDBTest extends BaseTest {
 

diff --git a/WebApp/junit/resources/db_migrations/V43__login_time_1737.sql b/WebApp/junit/resources/db_migrations/V43__login_time_1737.sql
@@ -0,0 +1 @@
+ALTER TABLE user ADD COLUMN last_login BIGINT NULL DEFAULT NULL AFTER preferences;
diff --git a/WebApp/src/uk/ac/exeter/QuinCe/User/UserDB.java b/WebApp/src/uk/ac/exeter/QuinCe/User/UserDB.java
@@ -7,6 +7,7 @@
 import java.sql.ResultSet;
 import java.sql.SQLException;
 import java.sql.Timestamp;
+import java.time.LocalDateTime;
 import java.util.Arrays;
 
 import javax.sql.DataSource;
@@ -117,6 +118,14 @@ public class UserDB {
   private static final String GET_PREFERENCES_QUERY = "SELECT "
     + "preferences FROM user WHERE id = ?";
 
+  /**
+   * SQL statement to update a user's last login time.
+   *
+   * @see #recordLogin(Connection, String)
+   */
+  private static final String RECORD_LOGIN_STATEMENT = "UPDATE "
+    + "user SET last_login = ? WHERE email = ?";
+
   /**
    * The length of the string to be used for email verification and password
    * reset codes.
@@ -735,6 +744,9 @@ public static int authenticate(DataSource dataSource, String email,
             // a nefarious person. The user can continue to log in with their
             // valid credentials, and it will nullify the reset request.
             clearPasswordResetCode(conn, email);
+
+            // Record the login
+            recordLogin(conn, email);
           }
         }
       }
@@ -803,6 +815,32 @@ public static void changePassword(Connection conn, User user,
     }
   }
 
+  /**
+   * Record a login for the user with the specified email address.
+   *
+   * @param conn
+   *          A database connection.
+   * @param email
+   *          The user's email address.
+   * @throws DatabaseException
+   *           If the update fails.
+   */
+  private static void recordLogin(Connection conn, String email)
+    throws DatabaseException {
+    MissingParam.checkMissing(conn, "conn");
+    MissingParam.checkMissing(email, "email");
+
+    try (
+      PreparedStatement stmt = conn.prepareStatement(RECORD_LOGIN_STATEMENT)) {
+      stmt.setLong(1, DateTimeUtils.dateToLong(LocalDateTime.now()));
+      stmt.setString(2, email);
+      stmt.execute();
+    } catch (SQLException e) {
+      throw new DatabaseException("Error recording login", e);
+    }
+
+  }
+
   /**
    * Check a user's email verification code against the supplied code.
    *

diff --git a/src/migrations/db_migrations/V43__login_time_1737.sql b/src/migrations/db_migrations/V43__login_time_1737.sql
@@ -0,0 +1 @@
+ALTER TABLE user ADD COLUMN last_login BIGINT NULL DEFAULT NULL AFTER preferences;
Original file line number	Diff line number	Diff line change
		@@ -0,0 +1 @@
		ALTER TABLE user ADD COLUMN last_login BIGINT NULL DEFAULT NULL AFTER preferences;