module MortalToken

Constants

VERSION: Library version

Attributes

digest[R]

The digest to use. Defaults to ‘sha512’.

salt_length[RW]

Salt length in bytes. Defaults to 8.

secret[RW]

The master secret token (Keep it secret! Keep it safe!). Changing this will invalidate all existing tokens.

Public Class Methods

create(seconds, message = nil) click to toggle source

Create a new token that lasts for N seconds. Message is optional, but must be a string when present.

# File lib/mortal-token/mortal-token.rb, line 3
def self.create(seconds, message = nil)
  expires = Time.now.utc.to_i + seconds
  salt = SecureRandom.hex MortalToken.salt_length
  Token.new expires, salt, message
end

digest=(name) click to toggle source

Set a new digest type

# File lib/mortal-token/config.rb, line 12
def self.digest=(name)
  @digest = OpenSSL::Digest.new name
end

recover(token_str) click to toggle source

Recover a token and digest created with MortalToken#to_s. Returns [token, digest]. You must then check their validity with “token == digest”

# File lib/mortal-token/mortal-token.rb, line 11
def self.recover(token_str)
  h = JSON.parse Base64.urlsafe_decode64 token_str.to_s
  token = Token.new h['expires'], h['salt'], h['message']
  return token, h['digest']
rescue ArgumentError, JSON::ParserError
  return create 0, ''
end

valid?(token_str) click to toggle source

Check if a token created with MoralToken#to_s is valid.

# File lib/mortal-token/mortal-token.rb, line 20
def self.valid?(token_str)
  token, digest = recover token_str
  token == digest
end