Sha256: 0f6f699da300ba1857db153991370131bd81f1d143152e808ef9722c1d2e2108
Contents?: true
Size: 1.73 KB
Versions: 3
Compression:
Stored size: 1.73 KB
Contents
class TokenHash
=begin
Ideally, the expiration for the jwt token would be less than the db token,
and we would return a new jwt token to the user if the current jwt token expired
but the db token was not yet expired.
=end
def self.encode(auth_token_hash,user_id)
obj = {}
obj["auth_token"] = auth_token_hash
obj["user_id"] = user_id
obj["exp"] = ::Time.now.to_i() + ::Settings.expire_time*60
return ::JWT.encode(obj,::Rails.application.secrets.secret_key_base)
end
def self.decode(params,request)
instance_hash = nil
auth_token_obj = ::Arcadex::Header.grab_param_header(params,request,::Settings.token_header,false)
begin
# Try JWT token
jwt = ::JWT.decode(auth_token_obj,::Rails.application.secrets.secret_key_base)
token = jwt[0]
user = ::User.find_by(id: token["user_id"])
instance_hash = {}
instance_hash["current_owner"] = user
instance_hash["current_token"] = nil
instance_hash["auth_token"] = token["auth_token"]
return instance_hash
rescue ::JWT::ExpiredSignature
return handle_expired(auth_token_obj)
rescue ::JWT::DecodeError
return handle_abnormal(params,request)
end
end
private
def self.handle_expired(auth_token_obj)
# Token expired, destroy arcadex token
jwt = ::JWT.decode(auth_token_obj,::Rails.application.secrets.secret_key_base,true,{verify_expiration: false})
token = jwt[0]
db_token = ::Arcadex::Find.find_token_by_auth_token(token["auth_token"])
if !db_token.nil?
db_token.destroy
end
return nil
end
def self.handle_abnormal(params,request)
# Try Arcadex token
instance_hash = ::Arcadex::Authentication.get_instance(params,request,::Settings.token_header)
if !instance_hash.nil?
instance_hash["auth_token"] = nil
end
return instance_hash
end
end
Version data entries
3 entries across 3 versions & 1 rubygems