class Authenticate::Session

Represents an Authenticate session.

Attributes

request[RW]

Public Class Methods

new(request)

Initialize an Authenticate session.

The presence of a session does NOT mean the user is logged in; call logged_in? to determine login status.

# File lib/authenticate/session.rb, line 14
def initialize(request)
  @request = request # trackable module accesses request
  @cookies = request.cookie_jar
  @session_token = @cookies[cookie_name]
  debug 'SESSION initialize: @session_token: ' + @session_token.inspect
end

Public Instance Methods

current_user()

Get the user represented by this session.

@return [User]

# File lib/authenticate/session.rb, line 61
def current_user
  debug "session.current_user #{@current_user.inspect}"
  @current_user ||= load_user_from_session_token if @session_token.present?
  @current_user
end

logged_in?()

Has this user successfully logged in?

@return [Boolean]

# File lib/authenticate/session.rb, line 70
def logged_in?
  debug "session.logged_in? #{current_user.present?}"
  current_user.present?
end

login(user) { |status| ... }

Finish user login process, after the user has been authenticated. The user is authenticated by Authenticate::Controller#authenticate.

Called when user creates an account or signs back into the app. Runs all configured callbacks, checking for login failure.

If login is successful, @current_user is set and a session token is generated and returned to the client browser. If login fails, the user is NOT logged in. No session token is set, and @current_user will not be set.

After callbacks are finished, a {LoginStatus} is yielded to the provided block, if one is provided.

@param [User] user login completed for this user

@yieldparam [Success,Failure] status result of the sign in operation.

@return [User]

# File lib/authenticate/session.rb, line 38
def login(user)
  @current_user = user
  @current_user.generate_session_token if user.present?

  message = catch(:failure) do
    Authenticate.lifecycle.run_callbacks(:after_set_user, @current_user, self, event: :authentication)
    Authenticate.lifecycle.run_callbacks(:after_authentication, @current_user, self, event: :authentication)
  end

  status = message.present? ? Failure.new(message) : Success.new
  if status.success?
    @current_user.save
    write_cookie if @current_user.session_token
  else
    @current_user = nil
  end

  yield(status) if block_given?
end

logout()

Invalidate the session token, unset the current user and remove the cookie.

@return [void]

# File lib/authenticate/session.rb, line 78
def logout
  # nuke session_token in db
  current_user.reset_session_token! if current_user.present?

  # nuke notion of current_user
  @current_user = nil

  # nuke session_token cookie from the client browser
  @cookies.delete cookie_name
end

Private Instance Methods

load_user_from_session_token()

# File lib/authenticate/session.rb, line 108
def load_user_from_session_token
  Authenticate.configuration.user_model_class.where(session_token: @session_token).first
end
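
The login veto and the server-side token invalidation on logout, as an added example that is not the gem's own code. DemoUser, DemoSession, COOKIE, LOCK_CHECK and replay_check are hypothetical stand-ins; a Hash plays the cookie jar, an Array plays the user table, and rotating the stored token stands in for reset_session_token!.

```ruby
require 'securerandom'

# Constructed stand-ins (assumptions): a Hash is the cookie jar, an Array the user table.
COOKIE = 'demo_session_token'
DemoUser = Struct.new(:name, :locked, :session_token)
LOCK_CHECK = ->(user) { throw(:failure, 'account locked') if user.locked }

class DemoSession
  def initialize(cookies, users)
    @cookies, @users = cookies, users
    @session_token = cookies[COOKIE]
  end

  # Token lookup as in load_user_from_session_token: no matching record, no user.
  def current_user
    @current_user ||= @users.find { |u| u.session_token == @session_token } if @session_token
    @current_user
  end

  def logged_in?
    !current_user.nil?
  end

  # A callback vetoes the login with throw(:failure, message); no cookie is written then.
  def login(user)
    user.session_token = SecureRandom.hex(20)
    message = catch(:failure) { LOCK_CHECK.call(user) } # nil unless the check threw
    @current_user = message ? nil : user
    @cookies[COOKIE] = user.session_token unless message
    message.nil?
  end

  def logout
    current_user.session_token = SecureRandom.hex(20) if current_user # rotate stored token
    @current_user = nil
    @cookies.delete(COOKIE)
  end
end

# A cookie value copied before logout must stop resolving to a user afterwards.
def replay_check
  users = [DemoUser.new('alice', false), DemoUser.new('locked-out', true)]
  jar = {}
  vetoed = !DemoSession.new(jar, users).login(users[1]) && jar.empty?
  DemoSession.new(jar, users).login(users[0])
  old = { COOKIE => jar[COOKIE] }
  before = DemoSession.new(old, users).logged_in?
  DemoSession.new(jar, users).logout
  { vetoed: vetoed, before: before, after: DemoSession.new(old, users).logged_in?, jar_empty: jar.empty? }
end
```

Each DemoSession.new models one request, which is why the check builds a fresh session around the saved cookie value instead of reusing the logged-in one.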