Class: MiniAuth::SessionGuard

Inherits:

Guard

• Object
• Guard
• MiniAuth::SessionGuard

Defined in:

lib/mini_auth/session_guard.rb

Constant Summary

REMEMBER_DURATION =

86400 * 30

Instance Attribute Summary

• #login_url ⇒ Object readonly

  Returns the value of attribute login_url.

• #model ⇒ Object readonly

  Returns the value of attribute model.

• #name ⇒ Object readonly

  Returns the value of attribute name.

• #request ⇒ Object readonly

  Returns the value of attribute request.

• #session ⇒ Object readonly

  Returns the value of attribute session.

Class Method Summary

• .hash_password(plaintext) ⇒ Object

Instance Method Summary

• #attempt!(credentials, remember = false) ⇒ Object
• #auth_url ⇒ Object
• #initialize(name, model, request, login_url, remember_time = REMEMBER_DURATION) ⇒ SessionGuard constructor

  A new instance of SessionGuard.

• #login!(user, remember = false) ⇒ Object
• #logout! ⇒ Object
• #user ⇒ Object

Methods inherited from Guard

#guest?, #logged_in?

Constructor Details

#initialize(name, model, request, login_url, remember_time = REMEMBER_DURATION) ⇒ SessionGuard

Returns a new instance of SessionGuard.

Parameters:

• name (String)
• model (Class)
• request (ActionDispatch::Request)
• login_url (String)
• remember_time (Integer) (defaults to: REMEMBER_DURATION)

# File 'lib/mini_auth/session_guard.rb', line 19

def initialize(name, model, request, login_url, remember_time = REMEMBER_DURATION)
  @name = name
  @model = model
  @request = request
  @login_url = login_url
  @remember_time = remember_time
end

Instance Attribute Details

#login_url ⇒ Object (readonly)

Returns the value of attribute login_url.

# File 'lib/mini_auth/session_guard.rb', line 8

def login_url
  @login_url
end

#model ⇒ Object (readonly)

Returns the value of attribute model.

# File 'lib/mini_auth/session_guard.rb', line 8

def model
  @model
end

#name ⇒ Object (readonly)

Returns the value of attribute name.

# File 'lib/mini_auth/session_guard.rb', line 8

def name
  @name
end

#request ⇒ Object (readonly)

Returns the value of attribute request.

# File 'lib/mini_auth/session_guard.rb', line 8

def request
  @request
end

#session ⇒ Object (readonly)

Returns the value of attribute session.

# File 'lib/mini_auth/session_guard.rb', line 8

def session
  @session
end

Class Method Details

.hash_password(plaintext) ⇒ Object

# File 'lib/mini_auth/session_guard.rb', line 10

def self.hash_password(plaintext)
  BCrypt::Password.create(plaintext, cost: 12)
end

Instance Method Details

#attempt!(credentials, remember = false) ⇒ Object

# File 'lib/mini_auth/session_guard.rb', line 27

def attempt!(credentials, remember = false)
  user = @model.where(credentials.except(:password)).first
  return false if user.blank?

  unless BCrypt::Password.new(user.password).is_password?(credentials[:password])
    return false
  end

  login!(user, remember)
  true
end

#auth_url ⇒ Object

# File 'lib/mini_auth/session_guard.rb', line 72

def auth_url
  login_url
end

#login!(user, remember = false) ⇒ Object

# File 'lib/mini_auth/session_guard.rb', line 39

def login!(user, remember = false)
  @user = user
  @request.reset_session
  @request.session[session_storage_key] = user.id

  if remember
    @user.remember_token = SecureRandom.base58(48)
    @user.save!

    @request.cookie_jar.encrypted.signed[:remember_me] = {
      value: @user.remember_token,
      expires: (Time.now + @remember_time).utc,
      httponly: true
    }
  end

  @user
end

#logout! ⇒ Object

# File 'lib/mini_auth/session_guard.rb', line 58

def logout!
  @user = nil

  @request.session.delete(session_storage_key)
  @request.cookie_jar.delete(:remember_me)
  @request.reset_session

  nil
end

#user ⇒ Object

# File 'lib/mini_auth/session_guard.rb', line 68

def user
  @user ||= fetch_session_user
end