package com.astalange.web.controller; import org.springframework.security.access.prepost.PreAuthorize; import org.springframework.security.core.session.SessionRegistry; import org.springframework.security.core.userdetails.UserDetails; import org.springframework.stereotype.Controller; import org.springframework.ui.Model; import org.springframework.web.bind.annotation.GetMapping; import org.springframework.web.bind.annotation.RequestMapping; import java.util.List; import java.util.stream.Collectors; @Controller @RequestMapping("/admin/sessions") public class SessionController { private final SessionRegistry sessionRegistry; public SessionController(SessionRegistry sessionRegistry) { this.sessionRegistry = sessionRegistry; } @GetMapping @PreAuthorize("hasRole('ADMIN')") public String viewSessions(Model model) { List principals = sessionRegistry.getAllPrincipals(); List activeUsers = principals.stream() .filter(principal -> principal instanceof UserDetails) .map(principal -> ((UserDetails) principal).getUsername()) .collect(Collectors.toList()); model.addAttribute("activeUsers", activeUsers); model.addAttribute("activeCount", activeUsers.size()); return "admin/sessions"; } }