From b6d14dc19dd350a807826e3e097738a36613e083 Mon Sep 17 00:00:00 2001
From: Azul <azul@leap.se>
Date: Tue, 8 Apr 2014 11:49:14 +0200
Subject: moving users: app and test files

---
 app/models/token.rb | 69 +++++++++++++++++++++++++++++++++++++++++++++++++++++
 1 file changed, 69 insertions(+)
 create mode 100644 app/models/token.rb

(limited to 'app/models/token.rb')

diff --git a/app/models/token.rb b/app/models/token.rb
new file mode 100644
index 0000000..4856c31
--- /dev/null
+++ b/app/models/token.rb
@@ -0,0 +1,69 @@
+class Token < CouchRest::Model::Base
+
+  use_database :tokens
+
+  belongs_to :user
+
+  # timestamps! does not create setters and only sets updated_at
+  # if the object has changed and been saved. Instead of triggering
+  # that we rather use our own property we have control over:
+  property :last_seen_at, Time, accessible: false
+
+  validates :user_id, presence: true
+
+  design do
+    view :by_last_seen_at
+  end
+
+  def self.expires_after
+    APP_CONFIG[:auth] && APP_CONFIG[:auth][:token_expires_after]
+  end
+
+  def self.expired
+    return [] unless expires_after
+    by_last_seen_at.endkey(expires_after.minutes.ago)
+  end
+
+  def self.destroy_all_expired
+    self.expired.each do |token|
+      token.destroy
+    end
+  end
+
+  def authenticate
+    if expired?
+      destroy
+      return nil
+    else
+      touch
+      return user
+    end
+  end
+
+  # Tokens can be cleaned up in different ways.
+  # So let's make sure we don't crash if they disappeared
+  def destroy_with_rescue
+    destroy_without_rescue
+  rescue RestClient::ResourceNotFound
+  end
+  alias_method_chain :destroy, :rescue
+
+  def touch
+    self.last_seen_at = Time.now
+    save
+  end
+
+  def expired?
+    Token.expires_after and
+    last_seen_at < Token.expires_after.minutes.ago
+  end
+
+  def initialize(*args)
+    super
+    if new_record?
+      self.id = SecureRandom.urlsafe_base64(32).gsub(/^_*/, '')
+      self.last_seen_at = Time.now
+    end
+  end
+end
+
-- 
cgit v1.2.3


From 86eb9062f1e81302647bf18ce0f5fd981202b68a Mon Sep 17 00:00:00 2001
From: Azul <azul@leap.se>
Date: Tue, 13 May 2014 09:51:36 +0200
Subject: allow for usernames with dots

preparing for #5664 with some test improvements i ran into this issue

This commit includes a fix and the test improvements. In particular it
adds BrowserIntegrationTest#login - so there is no need to go through the signup procedure everytime you want a user to be logged in.
---
 app/models/token.rb | 4 ++++
 1 file changed, 4 insertions(+)

(limited to 'app/models/token.rb')

diff --git a/app/models/token.rb b/app/models/token.rb
index 4856c31..e759ee3 100644
--- a/app/models/token.rb
+++ b/app/models/token.rb
@@ -30,6 +30,10 @@ class Token < CouchRest::Model::Base
     end
   end
 
+  def to_s
+    id
+  end
+
   def authenticate
     if expired?
       destroy
-- 
cgit v1.2.3