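module ApiUserAuth
  # Base user auth model.
  #
  # Stores e-mail/password credentials, a list of bearer tokens
  # (+auth_tokens+) and a password-reset +code+, and also signs users in
  # through third-party providers.
  #
  # NOTE(review): the responses 'User already exists !' and
  # 'Email is invalid!' let a caller tell registered addresses from
  # unregistered ones. The messages are kept because callers may depend on
  # them; the endpoints that expose them should be rate limited.
  class AuthUser < ApplicationRecord
    # Number of decimal digits in a password-reset code.
    RESET_CODE_DIGITS = 6

    after_create :send_welcome
    attr_accessor :is_new

    # Registers a new user from an e-mail and a password.
    #
    # @param params [Hash] expects :email and :password
    # @return [AuthUser] the new user, with +is_new+ set to true
    # @raise [Exceptions::WrongParams] when a field is blank or the e-mail
    #   is already registered
    def self.create_by_params(params)
      require_param!(params, :email, 'Email')
      require_param!(params, :password, 'Password')

      auth_user = AuthUser.find_or_initialize_by(email: params[:email])
      raise Exceptions::WrongParams, 'User already exists !' unless auth_user.new_record?

      auth_user.is_new = true
      auth_user.update_password(params[:password])
      auth_user
    end

    # Checks an e-mail/password pair and issues a fresh token on success.
    #
    # @param params [Hash] expects :email and :password
    # @return [AuthUser] the authenticated user, with +is_new+ set to false
    # @raise [Exceptions::WrongParams] when a field is blank
    # @raise [Exceptions::Unauthorized] when the credentials do not match
    def self.login_by_params(params)
      require_param!(params, :email, 'Email')
      require_param!(params, :password, 'Password')

      auth_user = AuthUser.find_by(email: params[:email])
      unless auth_user&.valid_password?(params[:password])
        # One message for "no such user" and "wrong password", so the
        # response text does not reveal which of the two failed.
        raise Exceptions::Unauthorized, 'Invalid Email or Password!'
      end

      auth_user.generate_token
      auth_user.save
      auth_user.is_new = false
      auth_user
    end

    # Sets a new password for the user who presents a matching reset code.
    #
    # The code is cleared in the same save, so one code authorises at most
    # one password change.
    #
    # @param params [Hash] expects :email, :password and :code
    # @return [Boolean] result of saving the record
    # @raise [Exceptions::WrongParams] when a field is blank, the e-mail is
    #   unknown or the code does not match
    def self.update_password(params)
      require_param!(params, :email, 'Email')
      require_param!(params, :password, 'Password')
      require_param!(params, :code, 'Code')

      auth_user = AuthUser.find_by(email: params[:email])
      raise Exceptions::WrongParams, 'Email is invalid!' if auth_user.blank?

      unless reset_code_matches?(auth_user.code, params[:code])
        raise Exceptions::WrongParams, 'Code is invalid!'
      end

      auth_user.code = nil
      auth_user.update_password(params[:password])
    end

    # Stores a new password hash, appends a fresh token and saves.
    #
    # NOTE(review): tokens issued before the change stay in +auth_tokens+
    # and remain usable; consider clearing them when the password changes.
    #
    # @param password [String] the new plain-text password
    # @return [Boolean] result of +save+
    def update_password(password)
      self.password = password
      generate_token
      save
    end

    # Starts the reset flow for the given e-mail.
    #
    # @param params [Hash] expects :email
    # @raise [Exceptions::WrongParams] when the e-mail is blank or unknown
    def self.forgot_password(params)
      require_param!(params, :email, 'Email')

      auth_user = AuthUser.find_by(email: params[:email])
      raise Exceptions::WrongParams, 'Email is invalid!' if auth_user.blank?

      auth_user.send_reset_password
    end

    # Signs a user in (creating the record if needed) from a provider token.
    #
    # NOTE(review): the account is selected by the e-mail the provider
    # reports. Whether that address is verified by the provider cannot be
    # seen from here; confirm it in the Providers::* classes, because an
    # unverified address would let a provider account claim a local one.
    #
    # @param params [Hash] expects :provider and :token
    # @return [AuthUser] the user, with +is_new+ reflecting whether the
    #   record was just created
    # @raise [Exceptions::WrongParams] when a field is blank
    # @raise [Exceptions::ProviderError] when the provider is unknown or
    #   returns no e-mail
    def self.create_by_provider(params)
      require_param!(params, :provider, 'Provider')
      require_param!(params, :token, 'Token')

      # NOTE(review): the patterns are unanchored, so any value that merely
      # contains the provider name is accepted, and the raw value is what
      # gets stored in +provider+ below.
      provider_data =
        case params[:provider]
        when /facebook/i  then Providers::Facebook.get_user(params[:token])
        when /google/i    then Providers::Google.get_user(params[:token])
        when /instagram/i then Providers::Instagram.get_user(params[:token])
        else
          raise ::ApiUserAuth::Exceptions::ProviderError, 'Wrong provider!'
        end

      # A blank e-mail would make find_or_initialize_by(email: nil) resolve
      # every such sign-in to the same record, so it is rejected here.
      if provider_data.blank? || provider_data[:email].blank?
        raise ::ApiUserAuth::Exceptions::ProviderError,
              'Provider did not return an email!'
      end

      auth_user = AuthUser.find_or_initialize_by(email: provider_data[:email])
      # NOTE(review): this writes the provider token, unhashed, into the
      # password column and replaces the hash of a user who registered with
      # a password. Kept as is; a dedicated column or a random placeholder
      # would avoid both effects.
      auth_user.encrypted_password = params[:token]
      auth_user.generate_token
      auth_user.is_new = auth_user.new_record?
      auth_user.user_provider_data = provider_data
      auth_user.provider = params[:provider]
      auth_user.save
      auth_user
    end

    # Looks a user up by one of their tokens ("fy" is the existing public
    # name and is kept for callers).
    #
    # NOTE(review): UUID_REGEX is defined outside this file; it should be
    # anchored with \A and \z so only a bare UUID passes — confirm.
    #
    # @param token [String] value taken from the Authorization header
    # @return [AuthUser, nil] the owner of the token, if any
    # @raise [Exceptions::Unauthorized] when the token is not UUID-shaped
    def self.find_fy_token(token)
      unless token =~ ApiUserAuth::UUID_REGEX
        raise Exceptions::Unauthorized,
              'Header [Authorization] token is invalid!'
      end

      # The token is passed as a bind value, never interpolated into SQL.
      where(
        '? = ANY("api_user_auth_auth_users"."auth_tokens")', token
      ).limit(1).first
    end

    # Raises WrongParams when +params[key]+ is blank.
    def self.require_param!(params, key, label)
      return unless params[key].blank?

      raise Exceptions::WrongParams, "#{label} can not be blank!"
    end
    private_class_method :require_param!

    # Compares the stored reset code with the supplied one without an early
    # exit on the first differing byte. Non-string values never match.
    def self.reset_code_matches?(stored, supplied)
      return false unless stored.is_a?(String) && supplied.is_a?(String)

      ActiveSupport::SecurityUtils.secure_compare(stored, supplied)
    end
    private_class_method :reset_code_matches?

    # Public representation of the user. Returns a Hash, not a JSON string,
    # and exposes only the most recently issued token.
    #
    # @return [Hash]
    def to_json
      {
        id: id,
        email: email,
        auth_token: auth_tokens.last,
        is_new: is_new
      }
    end

    # Appends a new random UUID token; the caller is responsible for saving.
    #
    # NOTE(review): tokens are kept in plain text and nothing in this class
    # expires them; they are only removed by #logout.
    def generate_token
      auth_tokens << SecureRandom.uuid
    end

    # Hashes and stores the password; a blank value is ignored.
    def password=(passwd)
      self.encrypted_password = hexdigest(passwd) if passwd.present?
    end

    # @param passwd [String] candidate plain-text password
    # @return [Boolean] whether it hashes to the stored value
    def valid_password?(passwd)
      candidate = hexdigest(passwd)
      stored = encrypted_password
      return false unless stored.is_a?(String)

      # Comparison without an early exit on the first differing byte.
      ActiveSupport::SecurityUtils.secure_compare(stored, candidate)
    end

    # Generates a reset code, saves it and mails it if the save succeeded.
    #
    # The code comes from SecureRandom and is always exactly
    # RESET_CODE_DIGITS digits long.
    #
    # NOTE(review): nothing in this class expires the code or counts failed
    # attempts, and there are only 900,000 possible values; the reset
    # endpoint needs rate limiting and the code should carry an expiry.
    def send_reset_password
      floor = 10**(RESET_CODE_DIGITS - 1)
      self.code = (floor + SecureRandom.random_number(9 * floor)).to_s
      ForgotPasswordMailer.reset_code(self).deliver_now if save
    end

    # Revokes a single token.
    #
    # @param token [String] the token to remove
    # @return [Boolean] result of +save+
    def logout(token)
      auth_tokens.delete(token)
      save
    end

    private

    def send_welcome
      WelcomeMailer.welcome(self).deliver_now
    end

    # NOTE(review): a single SHA-256 pass is fast to compute and the salt is
    # identical for every user, so equal passwords give equal hashes and an
    # exposed table can be tested offline at high speed. Replacing it needs
    # a migration of stored hashes, so it is flagged rather than changed:
    # move to a password hashing function such as bcrypt (Rails'
    # has_secure_password) or Argon2, with a per-user salt.
    def hexdigest(text)
      Digest::SHA256.hexdigest(text + secure_salt)
    end

    # NOTE(review): the salt is derived from a constant in the source, so it
    # is shared by every installation of this code and is not a secret.
    def secure_salt
      Digest::MD5.hexdigest('a18a9143-f193-4e76-a6de-f2912e96b71f')
    end
  end
end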