add support for rotating tokens and sessions databases, and for a special tmp db for test users.

author: elijah <elijah@riseup.net> 2015-03-11 01:12:23 -0700
committer: elijah <elijah@riseup.net> 2015-03-17 22:36:27 -0700
commit: 9266c3ac58404894539e25e514d8d8a6775c701f (patch)
tree: 3beaa846b37aecdf933763564710c2e1042c03a3 /app/models/token.rb
parent: a777c4c677e8cbd4f91c66a29ee1ecb347c5b8ab (diff)
1 files changed, 8 insertions, 5 deletions
diff --git a/app/models/token.rb b/app/models/token.rb
index ff2ad12..4afd275 100644
--- a/app/models/token.rb
+++ b/app/models/token.rb
@@ -1,8 +1,15 @@
 require 'digest/sha2'
 
 class Token < CouchRest::Model::Base
+  def self.expires_after
+    APP_CONFIG[:auth] && APP_CONFIG[:auth][:token_expires_after]
+  end
 
-  use_database :tokens
+  include CouchRest::Model::Rotation
+  rotate_database :tokens,
+    :every => 1.month,
+    :timestamp_field => :last_seen_at,
+    :timeout => self.expires_after.to_i # in minutes
 
   belongs_to :user
 
@@ -23,10 +30,6 @@ class Token < CouchRest::Model::Base
     self.find Digest::SHA512.hexdigest(token)
   end
 
-  def self.expires_after
-    APP_CONFIG[:auth] && APP_CONFIG[:auth][:token_expires_after]
-  end
-
   def self.expired
     return [] unless expires_after
     by_last_seen_at.endkey(expires_after.minutes.ago)
author	elijah <elijah@riseup.net>	2015-03-11 01:12:23 -0700
committer	elijah <elijah@riseup.net>	2015-03-17 22:36:27 -0700
commit	9266c3ac58404894539e25e514d8d8a6775c701f (patch)
tree	3beaa846b37aecdf933763564710c2e1042c03a3 /app/models/token.rb
parent	a777c4c677e8cbd4f91c66a29ee1ecb347c5b8ab (diff)