Class: Tiddle::TokenIssuer

Inherits:

Object

• Object
• Tiddle::TokenIssuer

Defined in:

lib/tiddle/token_issuer.rb

Constant Summary

MAXIMUM_TOKENS_PER_USER =

20

Class Method Summary

• .build ⇒ Object

Instance Method Summary

• #create_and_return_token(resource, request, expires_in: nil, metadata: {}) ⇒ Object
• #expire_token(resource, request) ⇒ Object
• #find_token(resource, token_from_headers) ⇒ Object
• #initialize(maximum_tokens_per_user) ⇒ TokenIssuer constructor

  A new instance of TokenIssuer.

• #purge_old_tokens(resource) ⇒ Object

Constructor Details

#initialize(maximum_tokens_per_user) ⇒ TokenIssuer

Returns a new instance of TokenIssuer.

# File 'lib/tiddle/token_issuer.rb', line 11

def initialize(maximum_tokens_per_user)
  self.maximum_tokens_per_user = maximum_tokens_per_user
end

Class Method Details

.build ⇒ Object

# File 'lib/tiddle/token_issuer.rb', line 7

def self.build
  new(MAXIMUM_TOKENS_PER_USER)
end

Instance Method Details

#create_and_return_token(resource, request, expires_in: nil, metadata: {}) ⇒ Object

# File 'lib/tiddle/token_issuer.rb', line 15

def create_and_return_token(resource, request, expires_in: nil, metadata: {})
  token_class = authentication_token_class(resource)
  token, token_body = Devise.token_generator.generate(token_class, :body)

  resource.authentication_tokens.create!(
    token_attributes(
      token_body: token_body,
      request: request,
      expires_in: expires_in,
      metadata: metadata
    )
  )

  token
end

#expire_token(resource, request) ⇒ Object

# File 'lib/tiddle/token_issuer.rb', line 31

def expire_token(resource, request)
  find_token(resource, request.headers["X-#{ModelName.new.with_dashes(resource)}-TOKEN"])
    .try(:destroy)
end

#find_token(resource, token_from_headers) ⇒ Object

# File 'lib/tiddle/token_issuer.rb', line 36

def find_token(resource, token_from_headers)
  token_class = authentication_token_class(resource)
  token_body = Devise.token_generator.digest(token_class, :body, token_from_headers)
  # 'find_by' behaves differently in AR vs Mongoid, so using 'where' instead
  resource.authentication_tokens.where(body: token_body).first
end

#purge_old_tokens(resource) ⇒ Object

# File 'lib/tiddle/token_issuer.rb', line 43

def purge_old_tokens(resource)
  resource.authentication_tokens
          .order(last_used_at: :desc)
          .offset(maximum_tokens_per_user)
          .destroy_all
end