Class: Authenticate::Session

Inherits:
Object
Includes:
Debug
Defined in:
lib/authenticate/session.rb

Overview

Represents an Authenticate session.

Methods included from Debug

#debug

Constructor Details

#initialize(request) ⇒ Session

Initialize an Authenticate session.

The presence of a session does NOT mean the user is logged in; call #logged_in? to determine login status.



# File 'lib/authenticate/session.rb', line 14

def initialize(request)
  @request = request # trackable module accesses request
  @cookies = request.cookie_jar
  @session_token = @cookies[cookie_name]
  debug 'SESSION initialize: @session_token: ' + @session_token.inspect
end

Instance Attribute Details

#request ⇒ Object

Returns the value of attribute request.



# File 'lib/authenticate/session.rb', line 9

def request
  @request
end

Instance Method Details

#current_user ⇒ User

Get the user represented by this session.

Returns:



# File 'lib/authenticate/session.rb', line 61

def current_user
  debug "session.current_user #{@current_user.inspect}"
  @current_user ||= load_user_from_session_token if @session_token.present?
  @current_user
end

#logged_in? ⇒ Boolean

Has this user successfully logged in?

Returns:

  • (Boolean)


# File 'lib/authenticate/session.rb', line 70

def logged_in?
  debug "session.logged_in? #{current_user.present?}"
  current_user.present?
end

#login(user) {|status| ... } ⇒ User

Finish user login process, after the user has been authenticated. The user is authenticated by Authenticate::Controller#authenticate.

Called when user creates an account or signs back into the app. Runs all configured callbacks, checking for login failure.

If login is successful, @current_user is set and a session token is generated and returned to the client browser. If login fails, the user is NOT logged in. No session token is set, and @current_user will not be set.

After callbacks are finished, a LoginStatus is yielded to the provided block, if one is provided.

Parameters:

  • user (User)

    login completed for this user

Yield Parameters:

Returns:



# File 'lib/authenticate/session.rb', line 38

def login(user)
  @current_user = user
  @current_user.generate_session_token if user.present?

  message = catch(:failure) do
    Authenticate.lifecycle.run_callbacks(:after_set_user, @current_user, self, event: :authentication)
    Authenticate.lifecycle.run_callbacks(:after_authentication, @current_user, self, event: :authentication)
  end

  status = message.present? ? Failure.new(message) : Success.new
  if status.success?
    @current_user.save
    write_cookie if @current_user.session_token
  else
    @current_user = nil
  end

  yield(status) if block_given?
end

#logout ⇒ void

This method returns an undefined value.

Invalidate the session token, unset the current user and remove the cookie.



# File 'lib/authenticate/session.rb', line 78

def logout
  # nuke session_token in db
  current_user.reset_session_token! if current_user.present?

  # nuke notion of current_user
  @current_user = nil

  # nuke session_token cookie from the client browser
  @cookies.delete cookie_name
end
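
The token lifecycle described for #login and #logout, as an added example that is not the gem's own code. DemoSession, the User struct, the cookie name and the lock_check callback are constructed stand-ins that assume a token lookup against stored users. It shows a callback's throw :failure keeping the cookie from being written, and a retained copy of the cookie no longer resolving to a user once logout rotates the stored token.

```ruby
require 'securerandom'
# Constructed stand-ins for the user model and cookie jar; not the gem's code.
User = Struct.new(:email, :locked, :session_token)

class DemoSession
  COOKIE = 'demo_session_token' # hypothetical cookie name
  def initialize(cookies, users, callbacks = [])
    @cookies, @users, @callbacks = cookies, users, callbacks
    @session_token = cookies[COOKIE]
  end

  # A cookie only counts while it matches a token stored server-side.
  def current_user
    return nil if @current_user.nil? && @session_token.to_s.empty?
    @current_user ||= @users.find { |u| u.session_token == @session_token }
  end
  def logged_in?; !current_user.nil?; end

  # Same shape as #login: any callback may `throw :failure, message`.
  def login(user)
    prior, @current_user = user.session_token, user
    user.session_token = SecureRandom.hex(20) # models generate_session_token
    message = catch(:failure) { @callbacks.each { |cb| cb.call(user) }; nil }
    if message
      user.session_token = prior # models "the user is never saved"
      @current_user = nil
    else
      @cookies[COOKIE] = user.session_token
    end
    yield(message) if block_given?
  end

  def logout
    current_user.session_token = SecureRandom.hex(20) if current_user # models reset_session_token!
    @current_user = nil
    @cookies.delete(COOKIE)
  end
end

# Constructed scenario: a rejected login, then a cookie copy reused after logout.
def run_demo
  lock_check = ->(u) { throw :failure, 'account locked' if u.locked }
  alice, bob = User.new('alice@example.test', false), User.new('bob@example.test', true)
  users, jar, out = [alice, bob], {}, {}
  DemoSession.new(jar, users, [lock_check]).login(bob) { |msg| out[:bob_failure] = msg }
  out[:cookie_after_failure] = jar[DemoSession::COOKIE]
  DemoSession.new(jar, users, [lock_check]).login(alice)
  copy = jar.dup # the same cookie value held by a second client
  out[:copy_before_logout] = DemoSession.new(copy, users).logged_in?
  DemoSession.new(jar, users).logout
  out.merge(copy_after_logout: DemoSession.new(copy, users).logged_in?)
end
```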