Sha256: cbdb6f50310e19f25e655749ad12ad2300d15b336d860cf04c96b7f3596e4c14
Contents?: true
Size: 1.23 KB
Versions: 1
Compression:
Stored size: 1.23 KB
Contents
# frozen_string_literal: true
module QuoVadis
# A session is started once a user logs in with a password,
# regardless of whether 2FA is also required.
class Session < ActiveRecord::Base
include IpMasking
belongs_to :account
validates :ip, presence: true
scope :new_to_old, -> { order create_at: :desc }
attribute :last_seen_at, :datetime, default: -> { Time.now.utc }
def logout_other_sessions
account.sessions.reject { |s| s == self }.each &:destroy
end
def authenticated_with_second_factor
touch :second_factor_at
end
def reset_authenticated_with_second_factor
update second_factor_at: nil
end
def second_factor_authenticated?
!second_factor_at.nil?
end
def expired?
exceeded_lifetime? || exceeded_idle_timeout?
end
def replace
destroy.dup.tap &:save
end
private
def exceeded_lifetime?
return false if browser_session?
lifetime_expires_at < Time.now.utc
end
def browser_session?
lifetime_expires_at.nil?
end
def exceeded_idle_timeout?
return false if QuoVadis.session_idle_timeout == :lifetime
QuoVadis.session_idle_timeout.since(last_seen_at) < Time.now.utc
end
end
end
Version data entries
1 entries across 1 versions & 1 rubygems
| Version | Path |
|---|---|
| quo_vadis-2.1.5 | app/models/quo_vadis/session.rb |