Sn/3.8.1

src/main/java/com/iemr/common/controller/users/IEMRAdminController.java

@@ -81,6 +81,7 @@
 public class IEMRAdminController {
 	private final Logger logger = LoggerFactory.getLogger(this.getClass().getName());
 	private InputMapper inputMapper = new InputMapper();
+	private static final Set<String> CONCURRENT_SESSION_EXEMPT_ROLES = Set.of("admin", "superadmin");
 
 //	@Value("${captcha.enable-captcha}")
 	private boolean enableCaptcha =false;
@@ -180,11 +181,22 @@ public String userAuthenticate(
 			if (m_User.getUserName() != null
 					    && (m_User.getDoLogout() == null || !m_User.getDoLogout())
 					    && (m_User.getWithCredentials() != null && m_User.getWithCredentials())) {
-				String tokenFromRedis = getConcurrentCheckSessionObjectAgainstUser(
-						m_User.getUserName().trim().toLowerCase());
-				if (tokenFromRedis != null) {
-					throw new IEMRException(
-							"You are already logged in,please confirm to logout from other device and login again");
+				String userRole = "";
+				if (mUser.size() == 1 && mUser.get(0).getM_UserServiceRoleMapping() != null) {
+					for (UserServiceRoleMapping usrm : mUser.get(0).getM_UserServiceRoleMapping()) {
+						if (usrm.getM_Role() != null && usrm.getM_Role().getRoleName() != null) {
+							userRole = usrm.getM_Role().getRoleName();
+							break;
+						}
+					}
+				}
+				if (!CONCURRENT_SESSION_EXEMPT_ROLES.contains(userRole.trim().toLowerCase())) {
+					String tokenFromRedis = getConcurrentCheckSessionObjectAgainstUser(
+							m_User.getUserName().trim().toLowerCase());
+					if (tokenFromRedis != null) {
+						throw new IEMRException(
+								"You are already logged in,please confirm to logout from other device and login again");
+					}
 				}
 			} else if (m_User.getUserName() != null && m_User.getDoLogout() != null && m_User.getDoLogout() == true) {
 				deleteSessionObject(m_User.getUserName().trim().toLowerCase());
@@ -412,16 +424,28 @@ public String logOutUserFromConcurrentSession(
 						deleteSessionObjectByGettingSessionDetails(previousTokenFromRedis);
 						sessionObject.deleteSessionObject(previousTokenFromRedis);
 
-						// Denylist the active JWT so System 1's requests are immediately rejected
-						String usernameKey = mUsers.get(0).getUserName().trim().toLowerCase();
-						String jtiData = stringRedisTemplate.opsForValue().get("jti:" + usernameKey);
-						if (jtiData != null) {
-							String[] parts = jtiData.split("\\|", 2);
-							tokenDenylist.addTokenToDenylist(parts[0], jwtUtil.getAccessTokenExpiration());
-							if (parts.length > 1) {
-								redisTemplate.delete("user_" + parts[1]);
+						String userRole = "";
+						if (mUsers.get(0).getM_UserServiceRoleMapping() != null) {
+							for (UserServiceRoleMapping usrm : mUsers.get(0).getM_UserServiceRoleMapping()) {
+								if (usrm.getM_Role() != null && usrm.getM_Role().getRoleName() != null) {
+									userRole = usrm.getM_Role().getRoleName();
+									break;
+								}
+							}
+						}
+						if (!CONCURRENT_SESSION_EXEMPT_ROLES.contains(userRole.trim().toLowerCase())) {
+							// Denylist the active JWT so the first system's requests are immediately rejected
+							String usernameKey = mUsers.get(0).getUserName().trim().toLowerCase();
+							String jtiData = (String) redisTemplate.opsForValue().get("jti:" + usernameKey);
+							if (jtiData != null) {
+								String[] parts = jtiData.split("\\|", 2);
+								String jti = parts[0];
+								tokenDenylist.addTokenToDenylist(jti, jwtUtil.getAccessTokenExpiration());
+								if (parts.length > 1) {
+									redisTemplate.delete("user_" + parts[1]);
+								}
+								redisTemplate.delete("jti:" + usernameKey);
 							}
-							stringRedisTemplate.delete("jti:" + usernameKey);
 						}
 
 						response.setResponse("User successfully logged out");