Module: MortalToken

Defined in:
lib/mortal-token/token.rb,
lib/mortal-token/config.rb,
lib/mortal-token/version.rb,
lib/mortal-token/mortal-token.rb

Defined Under Namespace

Classes: Token

Constant Summary collapse

VERSION =

Library version

'2.1.0'

Class Attribute Summary collapse

Class Method Summary collapse

Class Attribute Details

.digestObject

The digest to use. Defaults to ‘sha512’.



6
7
8
 
# File 'lib/mortal-token/config.rb', line 6

def digest
  @digest
end

.salt_lengthObject

Salt length in bytes. Defaults to 8.



8
9
10
 
# File 'lib/mortal-token/config.rb', line 8

def salt_length
  @salt_length
end

.secretObject

The master secret token (Keep it secret! Keep it safe!). Changing this will invalidate all existing tokens.



4
5
6
 
# File 'lib/mortal-token/config.rb', line 4

def secret
  @secret
end

Class Method Details

.create(seconds, message = nil) ⇒ Object

Create a new token that lasts for N seconds. Message is optional, but must be a string when present.



3
4
5
6
7
 
# File 'lib/mortal-token/mortal-token.rb', line 3

def self.create(seconds, message = nil)
  expires = Time.now.utc.to_i + seconds
  salt = SecureRandom.hex MortalToken.salt_length
  Token.new expires, salt, message
end

.recover(token_str) ⇒ Object

Recover a token and digest created with MortalToken#to_s. Returns [token, digest]. You must then check their validity with “token == digest”



11
12
13
14
15
16
17
 
# File 'lib/mortal-token/mortal-token.rb', line 11

def self.recover(token_str)
  h = JSON.parse Base64.urlsafe_decode64 token_str.to_s
  token = Token.new h['expires'], h['salt'], h['message']
  return token, h['digest']
rescue ArgumentError, JSON::ParserError
  return create 0, ''
end

.valid?(token_str) ⇒ Boolean

Check if a token created with MoralToken#to_s is valid.

Returns:

  • (Boolean) 


20
21
22
23
 
# File 'lib/mortal-token/mortal-token.rb', line 20

def self.valid?(token_str)
  token, digest = recover token_str
  token == digest
end