Module: MortalToken
- Defined in:
- lib/mortal-token/token.rb,
lib/mortal-token/config.rb,
lib/mortal-token/version.rb,
lib/mortal-token/mortal-token.rb
Defined Under Namespace
Classes: Token
Constant Summary collapse
- VERSION =
Library version
'2.1.0'
Class Attribute Summary collapse
-
.digest ⇒ Object
The digest to use.
-
.salt_length ⇒ Object
Salt length in bytes.
-
.secret ⇒ Object
The master secret token (Keep it secret! Keep it safe!).
Class Method Summary collapse
-
.create(seconds, message = nil) ⇒ Object
Create a new token that lasts for N seconds.
-
.recover(token_str) ⇒ Object
Recover a token and digest created with MortalToken#to_s.
-
.valid?(token_str) ⇒ Boolean
Check if a token created with MoralToken#to_s is valid.
Class Attribute Details
.digest ⇒ Object
The digest to use. Defaults to ‘sha512’.
6 7 8 |
# File 'lib/mortal-token/config.rb', line 6 def digest @digest end |
.salt_length ⇒ Object
Salt length in bytes. Defaults to 8.
8 9 10 |
# File 'lib/mortal-token/config.rb', line 8 def salt_length @salt_length end |
.secret ⇒ Object
The master secret token (Keep it secret! Keep it safe!). Changing this will invalidate all existing tokens.
4 5 6 |
# File 'lib/mortal-token/config.rb', line 4 def secret @secret end |
Class Method Details
.create(seconds, message = nil) ⇒ Object
Create a new token that lasts for N seconds. Message is optional, but must be a string when present.
3 4 5 6 7 |
# File 'lib/mortal-token/mortal-token.rb', line 3 def self.create(seconds, = nil) expires = Time.now.utc.to_i + seconds salt = SecureRandom.hex MortalToken.salt_length Token.new expires, salt, end |
.recover(token_str) ⇒ Object
Recover a token and digest created with MortalToken#to_s. Returns [token, digest]. You must then check their validity with “token == digest”
11 12 13 14 15 16 17 |
# File 'lib/mortal-token/mortal-token.rb', line 11 def self.recover(token_str) h = JSON.parse Base64.urlsafe_decode64 token_str.to_s token = Token.new h['expires'], h['salt'], h['message'] return token, h['digest'] rescue ArgumentError, JSON::ParserError return create 0, '' end |
.valid?(token_str) ⇒ Boolean
Check if a token created with MoralToken#to_s is valid.
20 21 22 23 |
# File 'lib/mortal-token/mortal-token.rb', line 20 def self.valid?(token_str) token, digest = recover token_str token == digest end |