class Tiddle::TokenIssuer
Constants
- MAXIMUM_TOKENS_PER_USER
Attributes
maximum_tokens_per_user[RW]
Public Class Methods
build()
# File lib/tiddle/token_issuer.rb, line 7
# Convenience constructor: returns an issuer whose per-user token limit is the
# MAXIMUM_TOKENS_PER_USER constant.
#
# @return [Tiddle::TokenIssuer]
def self.build
  default_limit = MAXIMUM_TOKENS_PER_USER
  new(default_limit)
end
new(maximum_tokens_per_user)
# File lib/tiddle/token_issuer.rb, line 11
# Stores the per-user token limit on the issuer.
#
# @param maximum_tokens_per_user limit later passed to +offset+ in
#   purge_old_tokens (presumably an Integer; confirm against callers)
def initialize(maximum_tokens_per_user)
  # Goes through the public writer rather than touching the ivar directly.
  self.maximum_tokens_per_user = maximum_tokens_per_user
end
Public Instance Methods
create_and_return_token(resource, request, expires_in: nil, metadata: {})
# File lib/tiddle/token_issuer.rb, line 15
# Issues a new authentication token for +resource+ and returns it.
#
# The generator yields two values: the token that is handed back to the caller
# and the value persisted in the +body+ column. Only the second one is written
# by this method; find_token recomputes it from a presented token with
# Devise.token_generator.digest. The returned token is therefore not stored
# here and has to be delivered to the client by the caller.
#
# @param resource object exposing +authentication_tokens+
# @param request object exposing +remote_ip+ and +user_agent+
# @param expires_in stored as +expires_in+ on the record when truthy
# @param metadata [Hash] extra attributes merged into the created record
# @return the token to give to the client
# @raise propagates whatever +create!+ raises when the record cannot be saved
def create_and_return_token(resource, request, expires_in: nil, metadata: {})
  klass = authentication_token_class(resource)
  client_token, stored_body = Devise.token_generator.generate(klass, :body)

  token_store = resource.authentication_tokens
  token_store.create!(
    token_attributes(
      token_body: stored_body,
      request: request,
      expires_in: expires_in,
      metadata: metadata
    )
  )

  client_token
end
expire_token(resource, request)
# File lib/tiddle/token_issuer.rb, line 31
# Revokes the token presented in +request+ by destroying its stored record.
#
# The token is read from the header "X-<model name with dashes>-TOKEN". When
# no record matches, nothing is destroyed and the call returns nil.
#
# @param resource object exposing +authentication_tokens+
# @param request object exposing +headers+
# @return the result of +destroy+ on the matching record, or nil
def expire_token(resource, request)
  headers = request.headers
  header_name = "X-#{ModelName.new.with_dashes(resource)}-TOKEN"
  presented_token = headers[header_name]

  matching_record = find_token(resource, presented_token)
  # try keeps the "no such token" case a silent no-op.
  matching_record.try(:destroy)
end
find_token(resource, token_from_headers)
# File lib/tiddle/token_issuer.rb, line 36
# Looks up the stored token record that corresponds to a presented token.
#
# The presented value is never compared directly: it is first run through
# Devise.token_generator.digest and the result is matched against the +body+
# column, which is the column create_and_return_token fills.
#
# NOTE(review): expire_token passes request.headers[...] straight through, so
# token_from_headers is presumably nil when the header is absent. Confirm that
# the digest of a blank value cannot equal any stored +body+.
#
# @param resource object exposing +authentication_tokens+
# @param token_from_headers token string as sent by the client
# @return the first matching token record, or nil
def find_token(resource, token_from_headers)
  klass = authentication_token_class(resource)
  digested = Devise.token_generator.digest(klass, :body, token_from_headers)

  # 'find_by' behaves differently in AR vs Mongoid, so using 'where' instead
  candidates = resource.authentication_tokens.where(body: digested)
  candidates.first
end
purge_old_tokens(resource)
# File lib/tiddle/token_issuer.rb, line 43
# Enforces the per-user token limit: tokens are ordered by +last_used_at+,
# newest first, the first +maximum_tokens_per_user+ are skipped and every
# remaining (older) token is destroyed.
#
# NOTE(review): create_and_return_token, as shown on this page, does not call
# this method, so the limit only holds where callers invoke purge_old_tokens.
#
# @param resource object exposing +authentication_tokens+
# @return the result of +destroy_all+
def purge_old_tokens(resource)
  newest_first = resource.authentication_tokens.order(last_used_at: :desc)
  beyond_limit = newest_first.offset(maximum_tokens_per_user)
  beyond_limit.destroy_all
end
Private Instance Methods
authentication_token_class(resource)
# File lib/tiddle/token_issuer.rb, line 54
# Resolves the model class behind the resource's +authentication_tokens+
# association, for either supported persistence layer.
#
# @param resource object responding to +association+ (ActiveRecord) or
#   +relations+ (Mongoid)
# @return the +klass+ of the authentication_tokens association
# @raise [RuntimeError] when the resource answers to neither interface
def authentication_token_class(resource)
  # ActiveRecord is checked first and wins if both interfaces are present.
  return resource.association(:authentication_tokens).klass if resource.respond_to?(:association)

  # Mongoid
  return resource.relations['authentication_tokens'].klass if resource.respond_to?(:relations)

  raise 'Cannot determine authentication token class, unsupported ORM/ODM?'
end
token_attributes(token_body:, request:, expires_in:, metadata: {})
# File lib/tiddle/token_issuer.rb, line 64
# Builds the attribute hash for a new token record.
#
# The hash always carries +body+, +last_used_at+ (current time), +ip_address+
# and +user_agent+. +metadata+ is merged on top of those, and +expires_in+ is
# merged last, only when it is truthy.
#
# NOTE(review): because metadata is merged after the core attributes, a
# metadata key named body, last_used_at, ip_address or user_agent replaces the
# issuer's own value. Callers should build metadata from an allow-list of
# keys rather than from request parameters.
#
# @param token_body value stored in the +body+ column
# @param request object exposing +remote_ip+ and +user_agent+
# @param expires_in stored as +expires_in+ when truthy, otherwise omitted
# @param metadata [Hash] extra attributes for the record
# @return [Hash] attributes for the token record
def token_attributes(token_body:, request:, expires_in:, metadata: {})
  core = {
    body: token_body,
    last_used_at: Time.current,
    ip_address: request.remote_ip,
    user_agent: request.user_agent
  }
  combined = core.merge(metadata)
  return combined unless expires_in

  combined.merge(expires_in: expires_in)
end