Module: Passwordless::ControllerHelpers

Included in:
Constraint, SessionsController, TestHelpers::ControllerTestCase::H
Defined in:
lib/passwordless/controller_helpers.rb

Overview

Helpers to work with Passwordless sessions from controllers

Instance Method Summary collapse

Instance Method Details

#authenticate_by_session(authenticatable_class) ⇒ ActiveRecord::Base|nil

Authenticate a record using the session. Looks for a session key corresponding to the authenticatable_class. If found try to find it in the database.

Parameters:

  • authenticatable_class (ActiveRecord::Base)

    any Model connected to passwordless. (e.g - User or Admin).

Returns:

  • (ActiveRecord::Base|nil)

    an instance of Model found by id stored in cookies.encrypted or nil if nothing is found.

See Also:



49
50
51
52
53
54
 
# File 'lib/passwordless/controller_helpers.rb', line 49

def authenticate_by_session(authenticatable_class)
  pwless_session = find_passwordless_session_for(authenticatable_class)
  return unless pwless_session&.available?

  pwless_session.authenticatable
end

#build_passwordless_session(authenticatable) ⇒ Session

Build a new Passwordless::Session from an authenticatable record.

Parameters:

  • authenticatable (ActiveRecord::Base)

    Instance of an authenticatable Rails model

Returns:

  • (Session)

    the new Session object

See Also:



17
18
19
 
# File 'lib/passwordless/controller_helpers.rb', line 17

def build_passwordless_session(authenticatable)
  Session.new(authenticatable: authenticatable)
end

#create_passwordless_session(authenticatable) ⇒ Session?

Create a new Passwordless::Session from an authenticatable record.

Parameters:

  • authenticatable (ActiveRecord::Base)

    Instance of an authenticatable Rails model

Returns:

  • (Session, nil)

    the new Session object or nil

See Also:



36
37
38
39
40
 
# File 'lib/passwordless/controller_helpers.rb', line 36

def create_passwordless_session(authenticatable)
  create_passwordless_session!(authenticatable)
rescue ActiveRecord::RecordInvalid
  nil
end

#create_passwordless_session!(authenticatable) ⇒ Session

Create a new Passwordless::Session from an authenticatable record.

Parameters:

  • authenticatable (ActiveRecord::Base)

    Instance of an authenticatable Rails model

Returns:

  • (Session)

    the new Session object

Raises:

  • (ActiveRecord::RecordInvalid)

    if the Session is invalid

See Also:



27
28
29
 
# File 'lib/passwordless/controller_helpers.rb', line 27

def create_passwordless_session!(authenticatable)
  Session.create!(authenticatable: authenticatable)
end

#find_passwordless_session_for(authenticatable_class) ⇒ Session?

Returns the Session (if set) from the session.

Returns:



8
9
10
 
# File 'lib/passwordless/controller_helpers.rb', line 8

def find_passwordless_session_for(authenticatable_class)
  Passwordless::Session.find_by(id: session[session_key(authenticatable_class)])
end

#redirect_session_key(authenticatable_class) ⇒ Object 



108
109
110
 
# File 'lib/passwordless/controller_helpers.rb', line 108

def redirect_session_key(authenticatable_class)
  :"passwordless_prev_location--#{authenticatable_class_parameterized(authenticatable_class)}"
end

#reset_passwordless_redirect_location!(authenticatable_class) ⇒ String?

Resets the redirect_location to root_path by deleting the redirect_url from session.

Parameters:

  • authenticatable_class (ActiveRecord::Base)

    any Model connected to passwordless. (e.g - User or Admin).

Returns:

  • (String, nil)

    the redirect url that was just deleted, or nil if no url found for given Model.



100
101
102
 
# File 'lib/passwordless/controller_helpers.rb', line 100

def reset_passwordless_redirect_location!(authenticatable_class)
  session.delete(redirect_session_key(authenticatable_class))
end

#save_passwordless_redirect_location!(authenticatable_class) ⇒ String

Saves request.original_url as the redirect location for a passwordless Model.

Parameters:

  • authenticatable_class (ActiveRecord::Base)

    any Model connected to passwordless. (e.g - User or Admin).

Returns:

  • (String)

    the redirect url that was just saved.



91
92
93
 
# File 'lib/passwordless/controller_helpers.rb', line 91

def save_passwordless_redirect_location!(authenticatable_class)
  session[redirect_session_key(authenticatable_class)] = request.original_url
end

#session_key(authenticatable_class) ⇒ Object 



104
105
106
 
# File 'lib/passwordless/controller_helpers.rb', line 104

def session_key(authenticatable_class)
  :"passwordless_session_id--#{authenticatable_class_parameterized(authenticatable_class)}"
end

#sign_in(passwordless_session) ⇒ ActiveRecord::Base

Signs in session to sign in

Parameters:

Returns:

  • (ActiveRecord::Base)

    the record that is passed in.

Raises:



60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
 
# File 'lib/passwordless/controller_helpers.rb', line 60

def (passwordless_session)
  passwordless_session.claim! if Passwordless.config.restrict_token_reuse

  raise Passwordless::Errors::SessionTimedOutError if passwordless_session.timed_out?

  if defined?(reset_session)
    old_session = session.dup.to_hash
    # allow usage outside controllers
    reset_session
    old_session.each_pair { |k, v| session[k.to_sym] = v }
  end

  key = session_key(passwordless_session.authenticatable_type)
  session[key] = passwordless_session.id

  passwordless_session
end

#sign_out(authenticatable_class) ⇒ boolean

Signs out user by deleting the session key.

Parameters:

  • authenticatable_class (ActiveRecord::Base)

    any Model connected to passwordless. (e.g - User or Admin).

Returns:

  • (boolean)

    Always true



81
82
83
84
85
 
# File 'lib/passwordless/controller_helpers.rb', line 81

def sign_out(authenticatable_class)
  session.delete(session_key(authenticatable_class))
  reset_session
  true
end