Sha256: 24cf248fbd31e235146065a24ea775a636de2931602ceed9208505192c9c9477

Contents?: true

Size: 927 Bytes

Versions: 4

Compression:

Stored size: 927 Bytes

Contents

module Apress
  module Api
    class AuthService
      rattr_initialize :request

      attr_reader :client

      delegate :query_parameters, to: :request

      # Find Client by access_id, check sercret_key
      #
      # Returns boolean
      def call
        return false unless access_id

        @client = Apress::Api::Client.find_by_access_id(access_id)
        return false unless client

        return false if client.secret_token_expired?

        return true if not_check_signature?
        ::ApiAuth.authentic?(request, client.secret_token)
      end

      def access_id
        @access_id ||= ApiAuth.access_id(request) || query_parameters[:access_id]
      end

      private

      def not_check_signature?
        check_signature = query_parameters[:check_signature]
        check_signature.present? && check_signature.to_i.zero? && (Rails.env.staging? || !Rails.env.production?)
      end
    end
  end
end

Version data entries

4 entries across 4 versions & 1 rubygems

Version Path
apress-api-1.24.0 app/services/apress/api/auth_service.rb
apress-api-1.23.0 app/services/apress/api/auth_service.rb
apress-api-1.22.1 app/services/apress/api/auth_service.rb
apress-api-1.22.0 app/services/apress/api/auth_service.rb