module Authlogic module ActsAsAuthentic # This module is responsible for maintaining the single_access token. For more # information the single access token and how to use it, see the # Authlogic::Session::Params module. module SingleAccessToken def self.included(klass) klass.class_eval do extend Config add_acts_as_authentic_module(Methods) end end # All configuration for the single_access token aspect of acts_as_authentic. module Config # The single access token is used for authentication via URLs, such as a private # feed. That being said, if the user changes their password, that token probably # shouldn't change. If it did, the user would have to update all of their URLs. So # be default this is option is disabled, if you need it, feel free to turn it on. # # * Default: false # * Accepts: Boolean def change_single_access_token_with_password(value = nil) rw_config(:change_single_access_token_with_password, value, false) end alias_method :change_single_access_token_with_password=, :change_single_access_token_with_password end # All method, for the single_access token aspect of acts_as_authentic. module Methods def self.included(klass) return if !klass.column_names.include?("single_access_token") klass.class_eval do include InstanceMethods validates_uniqueness_of :single_access_token, :if => :single_access_token_changed? before_validation :reset_single_access_token, :if => :reset_single_access_token? if respond_to?(:after_password_set) after_password_set(:reset_single_access_token, :if => :change_single_access_token_with_password?) end end end module InstanceMethods # Resets the single_access_token to a random friendly token. def reset_single_access_token self.single_access_token = Authlogic::Random.friendly_token end # same as reset_single_access_token, but then saves the record. def reset_single_access_token! reset_single_access_token save_without_session_maintenance end protected def reset_single_access_token? single_access_token.blank? end def change_single_access_token_with_password? self.class.change_single_access_token_with_password == true end end end end end end