From 42cef3117cd97d9c37968a8cf63d33b27b4b8ed2 Mon Sep 17 00:00:00 2001
From: Azul <azul@leap.se>
Date: Wed, 28 Aug 2013 11:13:38 +0200
Subject: expire token according to config setting auth:token_expires_after

---
 users/app/models/token.rb | 30 ++++++++++++++++++++++++++++++
 1 file changed, 30 insertions(+)

(limited to 'users/app/models/token.rb')

diff --git a/users/app/models/token.rb b/users/app/models/token.rb
index 3de0059..dd87344 100644
--- a/users/app/models/token.rb
+++ b/users/app/models/token.rb
@@ -4,11 +4,41 @@ class Token < CouchRest::Model::Base
 
   belongs_to :user
 
+  # timestamps! does not create setters and only sets updated_at
+  # if the object has changed and been saved. Instead of triggering
+  # that we rather use our own property we have control over:
+  property :last_seen_at, Time, accessible: false
+
   validates :user_id, presence: true
 
+  def authenticate
+    if expired?
+      destroy
+      return nil
+    else
+      touch
+      return user
+    end
+  end
+
+  def touch
+    self.last_seen_at = Time.now
+    save
+  end
+
+  def expired?
+    expires_after and
+    last_seen_at + expires_after.minutes < Time.now
+  end
+
+  def expires_after
+    APP_CONFIG[:auth] && APP_CONFIG[:auth][:token_expires_after]
+  end
+
   def initialize(*args)
     super
     self.id = SecureRandom.urlsafe_base64(32).gsub(/^_*/, '')
+    self.last_seen_at = Time.now
   end
 
   design do
-- 
cgit v1.2.3