getSessionValidTokens method
Implementation
FutureOr<Set<APIToken>?> getSessionValidTokens(APIRequest request) {
var sessionID = request.sessionID;
if (sessionID == null) return null;
return _sessionSet.getMarkingAccess(sessionID).resolveMapped((session) {
var sessionTokens = session?.validateTokens();
if (sessionTokens == null || sessionTokens.isEmpty) return null;
var usernames = sessionTokens.map((e) => e.username);
return _tokenStore
.getByUsernames(usernames, checkExpiredTokens: true)
.resolveMapped((validTokens) {
sessionTokens.removeWhere((t) => !validTokens.contains(t));
if (request.credential != null) {
var credentialUsername = request.credential!.username;
if (!usernames.contains(credentialUsername)) return null;
var tokensWithUsername = sessionTokens
.where((t) => t.username == credentialUsername)
.toSet();
return tokensWithUsername;
} else {
return sessionTokens;
}
});
});
}