Spring Boot:如何在Web应用程序中存储多个会话

时间:2017-05-08 17:57:17

标签: java spring spring-boot web-applications

我正在尝试创建一个Web应用程序,用户需要通过Reddit登录。为此我使用JRAW,其中使用的主要对象是RedditClient。

我有点困惑,不知道应该如何为已登录的用户跟踪这些客户端。我的应用程序目前可以工作,但我觉得我存储这些客户端的方式是错误的。

Auth.class

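/**
 * Holds the state of one Reddit OAuth login attempt: a dedicated
 * {@link RedditClient}, the web-app credentials, the authorization URL the
 * browser is sent to, and a random id that identifies this attempt.
 *
 * <p>Instances are returned from controller methods, and the getters marked
 * {@code @JsonIgnore} are the ones that must never reach the browser (the
 * client and the credentials). The remaining getters ({@code id},
 * {@code authUrl}, {@code oAuthStatus}) are presumably serialized to JSON.
 *
 * <p>NOTE(review): the id is the only thing that ties a caller to this
 * object's {@link RedditClient}, so it should be treated like a session
 * token (sent over TLS only, never logged).
 */
public class Auth {

    // Redirect URI handed to Reddit. NOTE(review): plain-http localhost is a
    // development value; a deployed instance needs its https redirect URI here.
    private static final String URL = "http://localhost:4200/";

    // Field initializers run in declaration order: authUrl needs both
    // redditClient and credentials, so it has to stay last.
    private final UUID id = UUID.randomUUID();
    private final RedditClient redditClient = getDefaultRedditClient();
    private final Credentials credentials = getWebappCreds();
    private final URL authUrl = getClientAuthURL();

    /** @return the random identifier of this login attempt */
    public UUID getId(){
        return id;
    }

    /** @return the Reddit authorization URL the user must visit */
    public URL getAuthUrl(){
        return authUrl;
    }

    /** @return the authorization status reported by the client's OAuth helper */
    public AuthStatus getOAuthStatus(){
        return redditClient.getOAuthHelper().getAuthStatus();
    }

    /** @return the Reddit client owned by this login attempt; excluded from JSON output */
    @JsonIgnore
    public RedditClient getRedditClient(){
        return redditClient;
    }

    /**
     * Builds the web-app credentials; excluded from JSON output.
     *
     * <p>NOTE(review): the id and secret are literals in the source. The client
     * secret belongs in externalized configuration (environment or a secrets
     * store), not in the repository.
     *
     * @return credentials for the registered Reddit web app
     */
    @JsonIgnore
    public Credentials getWebappCreds(){
        return Credentials.webapp("<WEB_APP_ID>", "<WEB_APP_SECRET>", URL);
    }

    // Asks the OAuth helper for the authorization URL with the "history" scope.
    // The boolean is presumably JRAW's "permanent" flag - confirm against the
    // library documentation.
    private URL getClientAuthURL(){
        return redditClient.getOAuthHelper().getAuthorizationUrl(credentials, true, "history");
    }

    /**
     * Completes the login with the values Reddit appended to the redirect.
     *
     * <p>Both values arrive from the browser and are therefore untrusted. They
     * are percent-encoded before being placed in the reconstructed redirect
     * URL, so a value containing {@code &}, {@code =} or {@code #} cannot add
     * or override query parameters. Neither value is logged: the authorization
     * code is a credential until it has been exchanged.
     *
     * @param state the {@code state} query parameter from the redirect
     * @param code  the {@code code} query parameter from the redirect
     * @throws IllegalArgumentException if either argument is {@code null}
     * @throws NetworkException declared by the JRAW calls made here
     * @throws OAuthException declared by the JRAW calls made here
     * @throws IllegalStateException declared by the JRAW calls made here
     */
    public void auth(String state, String code) throws NetworkException, OAuthException, IllegalStateException {
        if (state == null || code == null) {
            throw new IllegalArgumentException("state and code are both required");
        }
        System.out.println("auth - callback received");
        String url = URL + "?state=" + encodeQueryValue(state) + "&code=" + encodeQueryValue(code);
        auth(url);
    }

    // Hands the reconstructed redirect URL to JRAW and authenticates the
    // client with the OAuth data it returns.
    private void auth(String redirectURL) throws NetworkException, OAuthException, IllegalStateException {
        OAuthData data = redditClient.getOAuthHelper().onUserChallenge(redirectURL, credentials);
        redditClient.authenticate(data);
    }

    // Percent-encodes one query-string value as UTF-8. Values made only of
    // letters, digits, '-', '_', '.' and '*' come back unchanged.
    private static String encodeQueryValue(String value) {
        try {
            return java.net.URLEncoder.encode(value, "UTF-8");
        } catch (java.io.UnsupportedEncodingException e) {
            throw new IllegalStateException("UTF-8 is not supported", e);
        }
    }

    // Creates a fresh client with this application's user agent.
    private static RedditClient getDefaultRedditClient(){
        UserAgent myUserAgent = UserAgent.of("desktop", "io.rj93.reddit.search", "v0.1", "rj93");
        return new RedditClient(myUserAgent);
    }

}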

AuthController.class

package io.rj93.reddit.search.server;

import java.util.Enumeration;
import java.util.Map;
import java.util.concurrent.ConcurrentHashMap;
import java.util.concurrent.ConcurrentMap;

import org.springframework.web.bind.annotation.CrossOrigin;
import org.springframework.web.bind.annotation.RequestBody;
import org.springframework.web.bind.annotation.RequestMapping;
import org.springframework.web.bind.annotation.RequestMethod;
import org.springframework.web.bind.annotation.RestController;


import net.dean.jraw.http.NetworkException;
import net.dean.jraw.http.oauth.OAuthException;

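/**
 * REST endpoints that start and complete a Reddit OAuth login.
 *
 * <p>Every login attempt is kept in a process-wide map keyed by the
 * attempt's UUID string.
 *
 * <p>NOTE(review): nothing ever removes entries from that map, and
 * {@link #getAuth()} adds one (with its own Reddit client) per request
 * without any authentication, so the map grows for as long as the process
 * runs. An expiry for unfinished attempts, or keeping the {@code Auth} in
 * the servlet {@code HttpSession} instead of a static map, would bound it.
 */
@RestController
@RequestMapping("api/v1")
// NOTE(review): @CrossOrigin without arguments accepts requests from every
// origin; restrict it to the front-end's origin before deploying.
@CrossOrigin
public class AuthController {

    private static final ConcurrentMap<String, Auth> auths = new ConcurrentHashMap<String, Auth>();

    /**
     * Starts a new login attempt and remembers it under its id.
     *
     * <p>NOTE(review): the mapping names no HTTP method, so this
     * state-creating handler is not limited to GET.
     *
     * @return the new attempt, serialized for the browser
     */
    @RequestMapping("/auth")
    public Auth getAuth(){
        Auth auth = new Auth();
        auths.put(auth.getId().toString(), auth);
        return auth;
    }

    /**
     * Completes a login attempt with the values Reddit sent back.
     *
     * <p>The request body is untrusted. A missing or unknown {@code id} is
     * rejected explicitly; previously a missing id made
     * {@code ConcurrentHashMap.get(null)} throw and an unknown id led to a
     * {@code NullPointerException} on the looked-up value. The id is not
     * echoed in the error message.
     *
     * @param payload JSON object with the keys {@code id}, {@code state} and {@code code}
     * @return the attempt after authentication
     * @throws IllegalArgumentException if {@code id} is missing or matches no stored attempt
     * @throws NetworkException propagated from {@code Auth.auth}
     * @throws OAuthException propagated from {@code Auth.auth}
     * @throws IllegalStateException propagated from {@code Auth.auth}
     */
    @RequestMapping(value = "/auth", method = RequestMethod.POST)
    public Auth authenticate(@RequestBody Map<String, String> payload) throws NetworkException, OAuthException, IllegalStateException{
        String id = payload.get("id");
        if (id == null) {
            throw new IllegalArgumentException("Missing 'id' in request body");
        }
        Auth auth = auths.get(id);
        if (auth == null) {
            throw new IllegalArgumentException("Unknown auth id");
        }
        auth.auth(payload.get("state"), payload.get("code"));
        return auth;
    }

}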

它的工作方式是:网站通过getAuth请求新的身份验证,服务器创建一个新的Reddit客户端并开始身份验证过程。该客户端存储在Map中,键是生成的UUID;这个UUID会返回给用户,并在之后的所有请求中发送到服务器。网站重定向到Reddit让用户授予权限,随后Reddit重定向回我的网站,网站再通过authenticate把用于身份验证的值发送到服务器。

我该如何存储?该库不允许我使用预设数据实例化RedditClient,因此我必须经历这个重定向到reddit等的过程。

0 个答案:

没有答案