summaryrefslogtreecommitdiff
path: root/users/app/models
diff options
context:
space:
mode:
authorjessib <jessib@riseup.net>2013-09-03 10:43:34 -0700
committerjessib <jessib@riseup.net>2013-09-03 10:43:34 -0700
commitf3e17149116f6a3aeb87f8a6d0ecf29e8e33ad93 (patch)
tree2dfae950a25c5db22a456d96016898c5a9add5a6 /users/app/models
parentf97777ed0252abe94f8d94cb4565fb5a6c35ab23 (diff)
parent42cef3117cd97d9c37968a8cf63d33b27b4b8ed2 (diff)
Merge pull request #75 from azul/feature/token-expiry
Token expiry
Diffstat (limited to 'users/app/models')
-rw-r--r--users/app/models/token.rb30
1 files changed, 30 insertions, 0 deletions
diff --git a/users/app/models/token.rb b/users/app/models/token.rb
index 3de0059..dd87344 100644
--- a/users/app/models/token.rb
+++ b/users/app/models/token.rb
@@ -4,11 +4,41 @@ class Token < CouchRest::Model::Base
belongs_to :user
+ # timestamps! does not create setters and only sets updated_at
+ # if the object has changed and been saved. Instead of triggering
+ # that we rather use our own property we have control over:
+ property :last_seen_at, Time, accessible: false
+
validates :user_id, presence: true
+ def authenticate
+ if expired?
+ destroy
+ return nil
+ else
+ touch
+ return user
+ end
+ end
+
+ def touch
+ self.last_seen_at = Time.now
+ save
+ end
+
+ def expired?
+ expires_after and
+ last_seen_at + expires_after.minutes < Time.now
+ end
+
+ def expires_after
+ APP_CONFIG[:auth] && APP_CONFIG[:auth][:token_expires_after]
+ end
+
def initialize(*args)
super
self.id = SecureRandom.urlsafe_base64(32).gsub(/^_*/, '')
+ self.last_seen_at = Time.now
end
design do