Module: GrapeTokenAuth::ActiveRecord::TokenAuth

Defined in:
lib/grape_token_auth/orm_integrations/active_record_token_auth.rb

Instance Attribute Summary collapse

Class Method Summary collapse

Instance Method Summary collapse

Instance Attribute Details

#passwordObject

Returns the value of attribute password.



5
6
7
 
# File 'lib/grape_token_auth/orm_integrations/active_record_token_auth.rb', line 5

def password
  @password
end

#password_confirmationObject

Returns the value of attribute password_confirmation.



5
6
7
 
# File 'lib/grape_token_auth/orm_integrations/active_record_token_auth.rb', line 5

def password_confirmation
  @password_confirmation
end

Class Method Details

.included(base) ⇒ Object 



7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
 
# File 'lib/grape_token_auth/orm_integrations/active_record_token_auth.rb', line 7

def self.included(base)
  base.serialize :tokens, JSON
  base.after_initialize { self.tokens ||= {} }
  base.validates :password, presence: true, on: :create
  base.validate :password_confirmation_matches,
                if: :encrypted_password_changed?
  base.validates :email, uniqueness: { scope: :provider },
                         format: { with: Configuration::EMAIL_VALIDATION,
                                   message: 'invalid email' }, allow_blank: true
  base.before_update :synchronize_email_and_uid

  class << base
    def case_insensitive_keys
      @case_insensitive_keys ||
        if Object.const_defined?(:Devise)
          Object.const_get(:Devise).case_insensitive_keys
        else
          [:email]
        end
    end

    def exists_in_column?(column, value)
      where(column => value).count > 0
    end

    def find_with_reset_token(attributes)
      original_token = attributes[:reset_password_token]
      reset_password_token = LookupToken.digest(:reset_password_token,
                                                original_token)

      recoverable = find_or_initialize_by(reset_password_token:
                                          reset_password_token)

      return nil unless recoverable.persisted?

      recoverable.reset_password_token = original_token
      recoverable
    end

    def reset_token_lifespan
      @reset_token_lifespan || 60 * 60 * 6 # 6 hours
    end

    def confirmation_token_lifespan
      @confirmat_token_lifespan || 60 * 60 * 24 * 3 # 3 days
    end

    def confirm_by_token(token)
      confirmation_digest = LookupToken.digest(:confirmation_token,
                                               token)
      confirmable = find_or_initialize_by(confirmation_token:
                                          confirmation_digest)

      return nil unless confirmable.persisted?

      confirmable.confirm
      confirmable
    end

    def get(key)
      find(key)
    end

    attr_writer :reset_token_lifespan
    attr_writer :confirmation_token_lifespan
    attr_writer :case_insensitive_keys
  end
end

Instance Method Details

#after_confirmationObject 



226
227
 
# File 'lib/grape_token_auth/orm_integrations/active_record_token_auth.rb', line 226

def after_confirmation
end

#authenticatable_saltObject 



76
77
 
# File 'lib/grape_token_auth/orm_integrations/active_record_token_auth.rb', line 76

def authenticatable_salt
end

#build_auth_url(url, params) ⇒ Object 



203
204
205
206
207
208
 
# File 'lib/grape_token_auth/orm_integrations/active_record_token_auth.rb', line 203

def build_auth_url(url, params)
  url = URI(url)
  expiry = tokens[params[:client_id]].with_indifferent_access[:expiry]
  url.query = params.merge(uid: uid, expiry: expiry).to_query
  url.to_s
end

#confirm(args = {}) ⇒ Object

devise method



180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
 
# File 'lib/grape_token_auth/orm_integrations/active_record_token_auth.rb', line 180

def confirm(args = {})
  pending_any_confirmation do
    if confirmation_period_expired?
      errors.add(:email, :confirmation_period_expired)
      return false
    end

    self.confirmed_at = Time.now.utc

    #if self.class.reconfirmable && unconfirmed_email.present?
    #  self.email = unconfirmed_email
    #  self.unconfirmed_email = nil

    #  # We need to validate in such cases to enforce e-mail uniqueness
    #  saved = save(validate: true)
    #else
    saved = save(validate: args[:ensure_valid] == true)

    after_confirmation if saved
    saved
  end
end

#confirmation_period_expired?Boolean

Returns:

  • (Boolean) 


222
223
224
 
# File 'lib/grape_token_auth/orm_integrations/active_record_token_auth.rb', line 222

def confirmation_period_expired?
  confirmation_sent_at && (Time.now > confirmation_sent_at + self.class.confirmation_token_lifespan)
end

#confirmed?Boolean

Returns:

  • (Boolean) 


214
215
216
 
# File 'lib/grape_token_auth/orm_integrations/active_record_token_auth.rb', line 214

def confirmed?
  !!confirmed_at
end

#create_new_auth_token(client_id = nil) ⇒ Object 



98
99
100
101
102
103
104
105
106
 
# File 'lib/grape_token_auth/orm_integrations/active_record_token_auth.rb', line 98

def create_new_auth_token(client_id = nil)
  self.tokens = {} if tokens.nil?
  token = Token.new(client_id)
  last_token = tokens.fetch(client_id, {})['token']
  tokens[token.client_id] = token.to_h.merge(last_token: last_token)
  self.save!

  AuthenticationHeader.build_auth_headers(token, uid)
end

#extend_batch_buffer(token, client_id) ⇒ Object 



129
130
131
132
133
134
135
136
 
# File 'lib/grape_token_auth/orm_integrations/active_record_token_auth.rb', line 129

def extend_batch_buffer(token, client_id)
  token_hash = tokens[client_id]
  token_hash[:updated_at] = Time.now
  expiry = token_hash[:expiry] || token_hash['expiry']
  save!
  AuthenticationHeader.build_auth_headers(
    Token.new(client_id, token, expiry), uid)
end

#password_confirmation_matchesObject 



91
92
93
94
95
96
 
# File 'lib/grape_token_auth/orm_integrations/active_record_token_auth.rb', line 91

def password_confirmation_matches
  return if password.present? && password_confirmation.present? &&
            password == password_confirmation
  errors.add(:base,
             'password and password confirmation do not match')
end

#pending_reconfirmation?Boolean

Returns:

  • (Boolean) 


210
211
212
 
# File 'lib/grape_token_auth/orm_integrations/active_record_token_auth.rb', line 210

def pending_reconfirmation?
  unconfirmed_email.present?
end

#reset_password(password, password_confirmation) ⇒ Object 



85
86
87
88
89
 
# File 'lib/grape_token_auth/orm_integrations/active_record_token_auth.rb', line 85

def reset_password(password, password_confirmation)
  self.password = password
  self.password_confirmation = password_confirmation
  save
end

#reset_password_period_valid?Boolean

Returns:

  • (Boolean) 


79
80
81
82
83
 
# File 'lib/grape_token_auth/orm_integrations/active_record_token_auth.rb', line 79

def reset_password_period_valid?
  return false unless reset_password_sent_at
  expiry = reset_password_sent_at.utc + self.class.reset_token_lifespan
  Time.now.utc <= expiry
end

#send_confirmation_instructions(opts) ⇒ Object 



166
167
168
169
170
171
172
173
174
175
176
177
 
# File 'lib/grape_token_auth/orm_integrations/active_record_token_auth.rb', line 166

def send_confirmation_instructions(opts)
  opts ||= {}
  token = generate_confirmation_token!
  opts[:token] = token

  # fall back to "default" config name
  opts[:client_config] ||= 'default'
  opts[:to] = pending_reconfirmation? ? unconfirmed_email : email

  GrapeTokenAuth.send_notification(:confirmation_instructions,  opts)
  token
end

#send_reset_password_instructions(opts) ⇒ Object 



153
154
155
156
157
158
159
160
161
162
163
164
 
# File 'lib/grape_token_auth/orm_integrations/active_record_token_auth.rb', line 153

def send_reset_password_instructions(opts)
  token = set_reset_password_token

  opts ||= {}
  opts[:client_config] ||= 'default'
  opts[:token] = token
  opts[:to] = email

  GrapeTokenAuth.send_notification(:reset_password_instructions, opts)

  token
end

#serializable_hash(options = nil) ⇒ Object

Copied out of Devise. Excludes the serialization blacklist.



139
140
141
142
143
144
145
146
147
148
149
150
151
 
# File 'lib/grape_token_auth/orm_integrations/active_record_token_auth.rb', line 139

def serializable_hash(options = nil)
  options ||= {}
  options[:except] = Array(options[:except])

  if options[:force_except]
    options[:except].concat Array(options[:force_except])
  else
    blacklist = GrapeTokenAuth.configuration.serialization_blacklist
    options[:except].concat blacklist
  end

  super(options)
end

#skip_confirmation!Object 



218
219
220
 
# File 'lib/grape_token_auth/orm_integrations/active_record_token_auth.rb', line 218

def skip_confirmation!
  self.confirmed_at = Time.now.utc
end

#token_validation_responseObject 



229
230
231
 
# File 'lib/grape_token_auth/orm_integrations/active_record_token_auth.rb', line 229

def token_validation_response
  as_json(except: [:tokens, :created_at, :updated_at])
end

#valid_password?(password) ⇒ Boolean

Returns:

  • (Boolean) 


121
122
123
 
# File 'lib/grape_token_auth/orm_integrations/active_record_token_auth.rb', line 121

def valid_password?(password)
  BCrypt::Password.new(encrypted_password) == password
end

#valid_token?(token, client_id) ⇒ Boolean

Returns:

  • (Boolean) 


108
109
110
111
112
113
114
 
# File 'lib/grape_token_auth/orm_integrations/active_record_token_auth.rb', line 108

def valid_token?(token, client_id)
  return false unless tokens && tokens[client_id]
  return true if token_is_current?(token, client_id)
  return true if token_can_be_reused?(token, client_id)

  false
end

#while_record_locked(&block) ⇒ Object 



125
126
127
 
# File 'lib/grape_token_auth/orm_integrations/active_record_token_auth.rb', line 125

def while_record_locked(&block)
  with_lock(&block)
end