Class: RememberMe

Inherits:

Merb::Authentication::Strategy

• Object
• Merb::Authentication::Strategy
• RememberMe

Defined in:

lib/merb-auth-remember-me/strategies/remember_me.rb

Instance Method Summary

• #current_user ⇒ Object
• #current_user=(new_user) ⇒ Object
• #handle_remember_cookie!(new_cookie_flag) ⇒ Object

  Refresh the cookie auth token if it exists, create it otherwise.

• #login_from_cookie ⇒ Object

  Called from #current_user.

• #run! ⇒ Object
• #send_remember_cookie! ⇒ Object
• #valid_remember_cookie? ⇒ Boolean

  Cookies shouldn’t be allowed to persist past their freshness date, and they should be changed at each login.

Instance Method Details

#current_user ⇒ Object

# File 'lib/merb-auth-remember-me/strategies/remember_me.rb', line 6

def current_user
  @current_user
end

#current_user=(new_user) ⇒ Object

# File 'lib/merb-auth-remember-me/strategies/remember_me.rb', line 10

def current_user=(new_user)
  @current_user = new_user
end

#handle_remember_cookie!(new_cookie_flag) ⇒ Object

Refresh the cookie auth token if it exists, create it otherwise

# File 'lib/merb-auth-remember-me/strategies/remember_me.rb', line 40

def handle_remember_cookie! new_cookie_flag
  return unless current_user
  case
  when valid_remember_cookie? then current_user.refresh_token # keeping same expiry date
  when new_cookie_flag        then current_user.remember_me 
  else                             current_user.forget_me
  end
  send_remember_cookie!
end

#login_from_cookie ⇒ Object

Called from #current_user. Finaly, attempt to login by an expiring token in the cookie. for the paranoid: we should be storing user_token = hash(cookie_token, request IP)

# File 'lib/merb-auth-remember-me/strategies/remember_me.rb', line 16

def login_from_cookie
  current_user = cookies[:auth_token] && Merb::Authentication.user_class.first(:conditions => ["remember_token = ?", cookies[:auth_token]])
  if current_user && current_user.remember_token?
    handle_remember_cookie! false # freshen cookie token (keeping date)
    current_user
  end
end

#run! ⇒ Object

# File 'lib/merb-auth-remember-me/strategies/remember_me.rb', line 2

def run!
  login_from_cookie
end

#send_remember_cookie! ⇒ Object

# File 'lib/merb-auth-remember-me/strategies/remember_me.rb', line 50

def send_remember_cookie!
  cookies.set_cookie(:auth_token, current_user.remember_token, :expires => current_user.remember_token_expires_at.to_time)
end

#valid_remember_cookie? ⇒ Boolean

Cookies shouldn’t be allowed to persist past their freshness date, and they should be changed at each login

Returns:

• (Boolean)

# File 'lib/merb-auth-remember-me/strategies/remember_me.rb', line 33

def valid_remember_cookie?
  return nil unless current_user
  (current_user.remember_token?) && 
    (cookies[:auth_token] == current_user.remember_token)
end