Class: Token
- Inherits:
-
ApplicationRecord
- Object
- ActiveRecord::Base
- ApplicationRecord
- Token
- Defined in:
- app/models/token.rb
Overview
Redmine - project management software Copyright © 2006- Jean-Philippe Lang
This program is free software; you can redistribute it and/or modify it under the terms of the GNU General Public License as published by the Free Software Foundation; either version 2 of the License, or (at your option) any later version.
This program is distributed in the hope that it will be useful, but WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License for more details.
You should have received a copy of the GNU General Public License along with this program; if not, write to the Free Software Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA.
Class Attribute Summary collapse
-
.actions ⇒ Object
readonly
Returns the value of attribute actions.
Class Method Summary collapse
- .add_action(name, options) ⇒ Object
-
.destroy_expired ⇒ Object
Delete all expired tokens.
-
.find_active_user(action, key, validity_days = nil) ⇒ Object
Returns the active user who owns the key for the given action.
-
.find_token(action, key, validity_days = nil) ⇒ Object
Returns the token for action and key with an optional validity duration (in number of days).
-
.find_user(action, key, validity_days = nil) ⇒ Object
Returns the user who owns the key for the given action.
- .generate_token_value ⇒ Object
- .invalid_when_created_before(action = nil) ⇒ Object
Instance Method Summary collapse
-
#expired? ⇒ Boolean
Return true if token has expired.
- #generate_new_token ⇒ Object
- #max_instances ⇒ Object
Methods inherited from ApplicationRecord
Class Attribute Details
.actions ⇒ Object (readonly)
Returns the value of attribute actions.
30 31 32 |
# File 'app/models/token.rb', line 30 def actions @actions end |
Class Method Details
.add_action(name, options) ⇒ Object
32 33 34 35 36 |
# File 'app/models/token.rb', line 32 def add_action(name, ) .assert_valid_keys(:max_instances, :validity_time) @actions ||= {} @actions[name.to_s] = end |
.destroy_expired ⇒ Object
Delete all expired tokens
75 76 77 78 79 80 81 82 83 84 85 86 87 88 89 90 91 92 93 |
# File 'app/models/token.rb', line 75 def self.destroy_expired t = Token.arel_table # Unknown actions have default validity_time condition = t[:action].not_in(self.actions.keys).and(t[:created_on].lt(invalid_when_created_before)) self.actions.each_key do |action| validity_time = invalid_when_created_before(action) # Do not delete tokens, which don't become invalid next if validity_time.nil? condition = condition.or( t[:action].eq(action).and(t[:created_on].lt(validity_time)) ) end Token.where(condition).delete_all end |
.find_active_user(action, key, validity_days = nil) ⇒ Object
Returns the active user who owns the key for the given action
96 97 98 99 100 101 |
# File 'app/models/token.rb', line 96 def self.find_active_user(action, key, validity_days=nil) user = find_user(action, key, validity_days) if user && user.active? user end end |
.find_token(action, key, validity_days = nil) ⇒ Object
Returns the token for action and key with an optional validity duration (in number of days)
113 114 115 116 117 118 119 120 121 122 123 124 125 126 |
# File 'app/models/token.rb', line 113 def self.find_token(action, key, validity_days=nil) action = action.to_s key = key.to_s return nil unless action.present? && /\A[a-z0-9]+\z/i.match?(key) token = Token.find_by(:action => action, :value => key) return unless token return unless token.action == action return unless ActiveSupport::SecurityUtils.secure_compare(token.value.to_s, key) return unless token.user return unless validity_days.nil? || (token.created_on > validity_days.days.ago) token end |
.find_user(action, key, validity_days = nil) ⇒ Object
Returns the user who owns the key for the given action
104 105 106 107 108 109 |
# File 'app/models/token.rb', line 104 def self.find_user(action, key, validity_days=nil) token = find_token(action, key, validity_days) if token token.user end end |
.generate_token_value ⇒ Object
128 129 130 |
# File 'app/models/token.rb', line 128 def self.generate_token_value Redmine::Utils.random_hex(20) end |
.invalid_when_created_before(action = nil) ⇒ Object
61 62 63 64 65 66 67 68 69 70 71 72 |
# File 'app/models/token.rb', line 61 def self.invalid_when_created_before(action = nil) if Token.actions.has_key?(action) validity_time = Token.actions[action][:validity_time] validity_time = validity_time.call(action) if validity_time.respond_to? :call else validity_time = self.validity_time end if validity_time Time.now - validity_time end end |
Instance Method Details
#expired? ⇒ Boolean
Return true if token has expired
52 53 54 55 |
# File 'app/models/token.rb', line 52 def expired? validity_time = self.class.invalid_when_created_before(action) validity_time.present? && created_on < validity_time end |
#generate_new_token ⇒ Object
47 48 49 |
# File 'app/models/token.rb', line 47 def generate_new_token self.value = Token.generate_token_value end |