RubygemsResearch

Sha256: 33d9e7358a4aa10bb7e69fcaa5b4e53d05d706f01c00179d082a6490fc1ae38f

Contents?: true

Size: 1.84 KB

Versions: 20

Compression:

Stored size: 1.84 KB

# :namespace
module Tokens

class SessionUid < Tokens::Base
  # The session UID.
  alias_attribute :suid, :name

  # The IP address and User-Agent string of the browser using this session.
  store :key, accessors: [:browser_ip, :browser_ua]

  # The User-Agent header of the browser that received this suid.
  validates :browser_ua, presence: true

  # The IP of the computer that received this suid.
  validates :browser_ip, presence: true

  # Browser users are logged out if they don't hit the app in this much time.
  self.expires_after = Authpwn::Engine.config.authpwn.session_expiration

  # Creates a new session UID token for a user.
  #
  # @param [User] user the user authenticated using this session
  # @param [String] browser_ip the IP of the session
  # @param [String] browser_ua the User-Agent of the browser used for this
  #                            session
  def self.random_for(user, browser_ip, browser_ua)
    browser_ua = browser_ua[0, 1536] if browser_ua.length > 1536
    key = { browser_ip: browser_ip, browser_ua: browser_ua }
    super user, key, self
  end

  # Refresh precision for the updated_at timestamp, in seconds.
  #
  # When a session UID is used to authenticate a user, its updated_at time is
  # refreshed if it differs from the current time by this much.
  class_attribute :updates_after, instance_writer: false
  self.updates_after = Authpwn::Engine.config.authpwn.session_precision

  # Updates the time associated with the session.
  def spend
    self.touch if Time.now - updated_at >= updates_after
  end

  # Garbage-collects database records of expired sessions.
  #
  # This method should be called periodically to keep the size of the session
  # table under control.
  def self.remove_expired
    self.where('updated_at < ?', Time.now - expires_after).delete_all
    self
  end
end  # class Tokens::SessionUid

end  # namespace Tokens

Version data entries

20 entries across 20 versions & 1 rubygems

Version	Path
authpwn_rails-0.21.0	app/models/tokens/session_uid.rb
authpwn_rails-0.20.0	app/models/tokens/session_uid.rb
authpwn_rails-0.19.0	app/models/tokens/session_uid.rb
authpwn_rails-0.18.2	app/models/tokens/session_uid.rb
authpwn_rails-0.18.1	app/models/tokens/session_uid.rb
authpwn_rails-0.18.0	app/models/tokens/session_uid.rb
authpwn_rails-0.17.2	app/models/tokens/session_uid.rb
authpwn_rails-0.17.1	app/models/tokens/session_uid.rb
authpwn_rails-0.17.0	app/models/tokens/session_uid.rb
authpwn_rails-0.16.2	app/models/tokens/session_uid.rb
authpwn_rails-0.16.1	app/models/tokens/session_uid.rb
authpwn_rails-0.16.0	app/models/tokens/session_uid.rb
authpwn_rails-0.15.3	app/models/tokens/session_uid.rb
authpwn_rails-0.15.2	app/models/tokens/session_uid.rb
authpwn_rails-0.15.1	app/models/tokens/session_uid.rb
authpwn_rails-0.15.0	app/models/tokens/session_uid.rb
authpwn_rails-0.14.3	app/models/tokens/session_uid.rb
authpwn_rails-0.14.2	app/models/tokens/session_uid.rb
authpwn_rails-0.14.1	app/models/tokens/session_uid.rb
authpwn_rails-0.14.0	app/models/tokens/session_uid.rb