Class: Authie::ControllerDelegate

Inherits:

Object

• Object
• Authie::ControllerDelegate

Defined in:

lib/authie/controller_delegate.rb

Overview

The controller delegate implements methods that can be used by a controller. These are then extended into controllers as needed (see ControllerExtension).

Instance Attribute Summary

• #touch_auth_session_enabled ⇒ Object

  Returns the value of attribute touch_auth_session_enabled.

Instance Method Summary

• #auth_session ⇒ Authie::Session

  Return an auth session that has been found in the current cookies.

• #create_auth_session(user, **kwargs) ⇒ Authie::Session^?

  Create a new session for the given user.

• #current_user ⇒ ActiveRecord::Base^?

  Return the user for the currently logged in user or nil if no user is logged in.

• #initialize(controller) ⇒ Authie::ControllerDelegate constructor
• #invalidate_auth_session ⇒ Boolean

  Invalidate the existing auth session if one exists.

• #logged_in? ⇒ Boolean

  Is anyone currently logged in? Return true if there is an auth session present.

• #set_browser_id ⇒ String

  Sets a browser ID.

• #touch_auth_session ⇒ Authie::Session, false

  Touch the session to update details on the latest activity.

• #validate_auth_session ⇒ Authie::Session, false

  Validate the auth session to ensure that it is current validate and raise an error if it is not suitable for use.

Constructor Details

#initialize(controller) ⇒ Authie::ControllerDelegate

Parameters:

• controller (ActionController::Base)

# File 'lib/authie/controller_delegate.rb', line 16

def initialize(controller)
  @controller = controller
  @touch_auth_session_enabled = true
end

Instance Attribute Details

#touch_auth_session_enabled ⇒ Object

Returns the value of attribute touch_auth_session_enabled.

# File 'lib/authie/controller_delegate.rb', line 12

def touch_auth_session_enabled
  @touch_auth_session_enabled
end

Instance Method Details

#auth_session ⇒ Authie::Session

Return an auth session that has been found in the current cookies.

Returns:

• (Authie::Session)

# File 'lib/authie/controller_delegate.rb', line 110

def auth_session
  return @auth_session if instance_variable_defined?('@auth_session')

  @auth_session = Authie::Session.get_session(@controller)
end

#create_auth_session(user, **kwargs) ⇒ Authie::Session^?

Create a new session for the given user. If nil is provided as a user, the existing session will be invalidated.

Returns:

• (Authie::Session, nil)

# File 'lib/authie/controller_delegate.rb', line 76

def create_auth_session(user, **kwargs)
  if user.nil?
    invalidate_auth_session
    return nil
  end

  @auth_session = Authie::Session.start(@controller, user: user, **kwargs)
end

#current_user ⇒ ActiveRecord::Base^?

Return the user for the currently logged in user or nil if no user is logged in

Returns:

• (ActiveRecord::Base, nil)

# File 'lib/authie/controller_delegate.rb', line 66

def current_user
  return nil unless logged_in?

  auth_session.session.user
end

#invalidate_auth_session ⇒ Boolean

Invalidate the existing auth session if one exists. Return true if a sesion has been invalidated otherwise return false.

Returns:

• (Boolean)

# File 'lib/authie/controller_delegate.rb', line 89

def invalidate_auth_session
  return false unless logged_in?

  auth_session.invalidate
  @auth_session = nil
  true
end

#logged_in? ⇒ Boolean

Is anyone currently logged in? Return true if there is an auth session present.

Note: this does not check the validatity of the session. You must always ensure that the ‘validate` or `touch` method is invoked to ensure that the session that has been found is active.

Returns:

• (Boolean)

# File 'lib/authie/controller_delegate.rb', line 103

def logged_in?
  auth_session.is_a?(Session)
end

#set_browser_id ⇒ String

Sets a browser ID. This must be performed on any page request where AUthie will be used. It should be triggered before any other Authie provided methods. This will ensure that the given browser ID is unique.

Returns:

• (String) —

  the generated browser ID

# File 'lib/authie/controller_delegate.rb', line 26

def set_browser_id
  until cookies[Authie.config.browser_id_cookie_name]
    proposed_browser_id = SecureRandom.uuid
    next if Authie::SessionModel.where(browser_id: proposed_browser_id).exists?

    cookies[Authie.config.browser_id_cookie_name] = {
      value: proposed_browser_id,
      expires: 5.years.from_now,
      httponly: true,
      secure: @controller.request.ssl?
    }
    Authie.notify(:set_browser_id,
                  browser_id: proposed_browser_id,
                  controller: @controller)
  end
  proposed_browser_id
end

#touch_auth_session ⇒ Authie::Session, false

Touch the session to update details on the latest activity.

Returns:

• (Authie::Session, false)

# File 'lib/authie/controller_delegate.rb', line 57

def touch_auth_session
  yield if block_given?
ensure
  auth_session.touch if @touch_auth_session_enabled && logged_in?
end

#validate_auth_session ⇒ Authie::Session, false

Validate the auth session to ensure that it is current validate and raise an error if it is not suitable for use.

Returns:

• (Authie::Session, false)

# File 'lib/authie/controller_delegate.rb', line 48

def validate_auth_session
  return false unless logged_in?

  auth_session.validate
end