Class: MortalToken::Token

Inherits: Object
Defined in: lib/mortal-token/token.rb

Overview

Create a token and check if it’s still valid:

token = MortalToken.create(300) # 5 min
give_to_client token.to_s
token_str = get_from_client
MortalToken.valid? token_str

Create a message token. The client will be able to read the message, but they *won’t* be able to tamper with it. If your message must also be read-proof, you’ll have to encrypt and decrypt it yourself.

token = MortalToken.create(300, "message")
give_to_client token.to_s
token_str = get_from_client
token, digest = MortalToken.recover token_str
if token == digest
  # It's valid
  do_stuff_with token.message
else
  # The token was invalid or expired
end


Constructor Details

#initialize(expires, salt, message = nil) ⇒ Token

Initialize an existing token



# File 'lib/mortal-token/token.rb', line 32

def initialize(expires, salt, message = nil)
  @expires = expires.to_i
  @salt = salt
  @message = message ? message.to_s : nil
end

Instance Attribute Details

#expires ⇒ Object (readonly)

The expiry time as a Unix timestamp



# File 'lib/mortal-token/token.rb', line 25

def expires
  @expires
end

#message ⇒ Object (readonly)

String content of token (optional)



# File 'lib/mortal-token/token.rb', line 27

def message
  @message
end

#salt ⇒ Object (readonly)

The salt value



# File 'lib/mortal-token/token.rb', line 29

def salt
  @salt
end

Instance Method Details

#==(other_token_or_digest) ⇒ Object Also known as: ===

Tests this token against another token or a token digest. Returns false if the expiry time has passed, even when the digests match.



# File 'lib/mortal-token/token.rb', line 57

def ==(other_token_or_digest)
  other = other_token_or_digest.respond_to?(:digest) ? other_token_or_digest.digest : other_token_or_digest
  self.digest == other && self.ttl > 0
end

#digest ⇒ Object

Returns HMAC hexdigest of the token



# File 'lib/mortal-token/token.rb', line 46

def digest
  raise "MortalToken: you must set a secret!" if MortalToken.secret.nil?
  @digest ||= OpenSSL::HMAC.hexdigest(MortalToken.digest, MortalToken.secret, to_h.to_json)
end

#to_s ⇒ Object

Returns a URL-safe encoding of the token and its digest. Hand it out to users and check it with MortalToken.valid?



# File 'lib/mortal-token/token.rb', line 39

def to_s
  h = to_h
  h[:digest] = digest
  Base64.urlsafe_encode64 h.to_json
end

#ttl ⇒ Object

Number of seconds remaining



# File 'lib/mortal-token/token.rb', line 52

def ttl
  expires - Time.now.utc.to_i
end
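
The scheme shown in the #to_s, #digest, #== and #ttl listings above (JSON payload, HMAC hexdigest, URL-safe Base64, expiry check), as a stand-alone added example that is not MortalToken's own code. The payload field set and order, the SHA256 choice, the SECRET constant and the issue/verify/sign/secure_equal? helpers are assumptions; the digest check here uses a constant-time comparison where #== above uses String#==.

```ruby
require "openssl"
require "json"
require "base64"
require "securerandom"

SECRET = SecureRandom.hex(32) # constructed demo key (assumption); load a real one from configuration

# Constant-time comparison: run time does not depend on where the inputs first differ.
def secure_equal?(a, b)
  return false unless a.bytesize == b.bytesize
  a.bytes.zip(b.bytes).reduce(0) { |acc, (x, y)| acc | (x ^ y) }.zero?
end

# HMAC over the JSON payload. Field set/order and SHA256 are assumptions.
def sign(expires, salt, message)
  payload = { expires: expires, salt: salt, message: message }.to_json
  OpenSSL::HMAC.hexdigest("SHA256", SECRET, payload)
end

# Issue a URL-safe token that is valid for `ttl` seconds.
def issue(ttl, message = nil, now: Time.now.utc.to_i)
  expires = now + ttl
  salt = SecureRandom.hex(8)
  message = message&.to_s
  token = { expires: expires, salt: salt, message: message, digest: sign(expires, salt, message) }
  Base64.urlsafe_encode64(token.to_json)
end

# Returns { message:, ttl: } for a valid token, nil for a malformed, forged or expired one.
def verify(token_str, now: Time.now.utc.to_i)
  h = JSON.parse(Base64.urlsafe_decode64(token_str.to_s))
  return nil unless h.is_a?(Hash) && h["digest"].is_a?(String) && h["salt"].is_a?(String)
  expires = Integer(h["expires"])
  message = h["message"]&.to_s
  expected = sign(expires, h["salt"], message)
  return nil unless secure_equal?(expected, h["digest"]) # forged or tampered
  return nil unless expires - now > 0                    # expired
  { message: message, ttl: expires - now }
rescue ArgumentError, TypeError, EncodingError, JSON::ParserError
  nil # malformed input fails closed
end
```

The digest is recomputed from the received fields and checked before the expiry, so a client that edits the message or pushes `expires` forward gets the same nil result as an expired token.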