Module: Driftrock::Service::DriftrockApp

Defined in:

lib/driftrock-service/driftrock_app.rb

Instance Method Summary

• #authorise ⇒ Object
• #driftrock_app_status ⇒ Object
• #driftrock_logout ⇒ Object
• #should_authorise? ⇒ Boolean
• #token_for(timestamp, company_id) ⇒ Object

Instance Method Details

#authorise ⇒ Object

# File 'lib/driftrock-service/driftrock_app.rb', line 4

def authorise
  return unless should_authorise?
  timestamp = params[:timestamp]
  company_id= params[:company_id]
  token     = params[:token]
  expected_token = token_for(timestamp, company_id)

  if token != expected_token
    redirect_to Driftrock::Service::Config.website_location + "?unauthorised=true"
  else
    session[:user_id] = params[:user_id]
    session[:company_id] = params[:company_id]
  end
end

#driftrock_app_status ⇒ Object

# File 'lib/driftrock-service/driftrock_app.rb', line 33

def driftrock_app_status
  render text: "OK"
end

#driftrock_logout ⇒ Object

# File 'lib/driftrock-service/driftrock_app.rb', line 37

def driftrock_logout
  reset_session
  redirect_to Config.website_location+"/logout"
end

#should_authorise? ⇒ Boolean

Returns:

• (Boolean)

# File 'lib/driftrock-service/driftrock_app.rb', line 19

def should_authorise?
  has_auth_params = params[:timestamp] && params[:company_id] && params[:token]
  has_session_data = defined?(session) && session[:user_id] && 
                      session[:company_id]

  has_auth_params || !has_session_data
end

#token_for(timestamp, company_id) ⇒ Object

# File 'lib/driftrock-service/driftrock_app.rb', line 27

def token_for(timestamp, company_id)
  OpenSSL::Digest::SHA1.hexdigest( 
    [timestamp, Driftrock::Service::Config.salt, company_id].join(":")
  )
end