Module: Authlogic::ORMAdapters::ActiveRecordAdapter::ActsAsAuthentic::Persistence

Defined in:
lib/authlogic/orm_adapters/active_record_adapter/acts_as_authentic/persistence.rb

Overview

Persistence

This is responsible for all record persistence. Basically what your Authlogic session needs to persist the record's session.

Class Methods

  • forget_all! - resets ALL records persistence_token to a unique value, requiring all users to re-login

  • unique_token - returns a pretty hardcore random token that is finally encrypted with a hash algorithm

Instance Methods

  • forget! - resets the record's persistence_token which requires them to re-login

Alias Method Chains

  • #{options[:password_field]} - adds in functionality to reset the persistence token when the password is changed

Instance Method Summary collapse

Instance Method Details

#acts_as_authentic_with_persistence(options = {}) ⇒ Object


22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
# File 'lib/authlogic/orm_adapters/active_record_adapter/acts_as_authentic/persistence.rb', line 22

def acts_as_authentic_with_persistence(options = {})
  acts_as_authentic_without_persistence(options)

  validates_presence_of options[:persistence_token_field]
  validates_uniqueness_of options[:persistence_token_field], :if => "#{options[:persistence_token_field]}_changed?".to_sym
  
  before_validation "reset_#{options[:persistence_token_field]}".to_sym, :if => "reset_#{options[:persistence_token_field]}?".to_sym

  def forget_all!
    # Paginate these to save on memory
    records = nil
    i = 0
    begin
      records = find(:all, :limit => 50, :offset => i)
      records.each { |record| record.forget! }
      i += 50
    end while !records.blank?
  end

  class_eval <<-"end_eval", __FILE__, __LINE__
    def self.unique_token
      Authlogic::CryptoProviders::Sha512.encrypt(Time.now.to_s + (1..10).collect{ rand.to_s }.join)
    end
  
    def forget!
      self.#{options[:persistence_token_field]} = self.class.unique_token
      save_without_session_maintenance(false)
    end
  
    def #{options[:password_field]}_with_persistence=(value)
      reset_#{options[:persistence_token_field]} unless value.blank?
      self.#{options[:password_field]}_without_persistence = value
    end
    alias_method_chain :#{options[:password_field]}=, :persistence
    
    def reset_#{options[:persistence_token_field]}
      self.#{options[:persistence_token_field]} = self.class.unique_token
    end
    
    def reset_#{options[:persistence_token_field]}!
      reset_#{options[:persistence_token_field]}
      save_without_session_maintenance(false)
    end
    
    def reset_#{options[:persistence_token_field]}?
      #{options[:persistence_token_field]}.blank?
    end
    
    # When a user logs in we need to ensure they have a persistence token. Think about apps that are transitioning and
    # never have a persistence token to begin with. When their users log in their persistence token needs to be set.
    # The only other time persistence tokens are reset is in a before_validation on the user, and when a user is saved
    # from the session we skip validation for performance reasons. We do save_without_session_maintenance(false), the false
    # indicates to skip validation.
    def valid_#{options[:password_field]}_with_persistence?(attempted_password)
      result = valid_password_without_persistence?(attempted_password)
      reset_#{options[:persistence_token_field]}! if result && #{options[:persistence_token_field]}.blank?
      result
    end
    alias_method_chain :valid_#{options[:password_field]}?, :persistence
  end_eval
end

#forget_all!Object


30
31
32
33
34
35
36
37
38
39
# File 'lib/authlogic/orm_adapters/active_record_adapter/acts_as_authentic/persistence.rb', line 30

def forget_all!
  # Paginate these to save on memory
  records = nil
  i = 0
  begin
    records = find(:all, :limit => 50, :offset => i)
    records.each { |record| record.forget! }
    i += 50
  end while !records.blank?
end