Module: HasEditablePassword

Extended by:
ActiveSupport::Concern
Includes:
ActiveModel::SecurePassword
Defined in:
lib/has_editable_password.rb

Overview

Just include this module into your model to have all of its nice features :)

Instance Method Details

#current_password_match? ⇒ Boolean

Returns true if current_password matches the stored password_digest.

Returns:

  • (Boolean)


# File 'lib/has_editable_password.rb', line 64

def current_password_match?
  if @current_password
    if @old_password_digest
      BCrypt::Password.new(@old_password_digest) == @current_password
    else
      # almost same as #authenticate (returns true instead of the object)
      BCrypt::Password.new(self.password_digest) == @current_password
    end
  else
    false
  end
end

#generate_recovery_token(options = {}) ⇒ Object

Creates a new password_recovery_token.

If a token was already there, it is discarded. Also sets password_recovery_token_creation to the current time. Unless told otherwise, it calls save to store the token in the database. Only the BCrypt digest of the token is stored; the plaintext token is the method's return value.

  • :length - the length passed to SecureRandom for the string generated as the token. Since the token is base64-encoded, it will be longer than that. Default is 32.

  • :save - pass false if you don’t want save to be called.

    generate_recovery_token(save: false)
    


# File 'lib/has_editable_password.rb', line 44

def generate_recovery_token(options = {})
  token = SecureRandom.urlsafe_base64(options.delete(:length) || 32)
  self.password_recovery_token = BCrypt::Password.create(token)
  self.password_recovery_token_creation = Time.now
  save unless options.delete(:save) == false
  token
end

#valid_recovery_token?(token = nil) ⇒ Boolean

Returns true if the token matches the stored one and the token was created less than 24 hours ago.

If token is nil, the stored token is compared with @recovery_token.

Returns:

  • (Boolean)


# File 'lib/has_editable_password.rb', line 57

def valid_recovery_token?(token = nil)
  recovery_token_match?(token) and !recovery_token_expired?
end
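
The token lifecycle documented above (only a digest is stored, a new token discards the old one, validity ends at 24 hours), as an added stand-alone example that is not code from has_editable_password. RecoveryTokenDemo, TOKEN_TTL, the injectable clock and recovery_token_walkthrough are hypothetical names, and SHA-256 stands in for the gem's BCrypt digest so the sketch runs with the standard library alone.

```ruby
require 'securerandom'
require 'digest'
require 'openssl'

# Hypothetical stand-in for a model that includes HasEditablePassword.
# Assumption: SHA-256 replaces BCrypt so the sketch needs only the stdlib.
class RecoveryTokenDemo
  TOKEN_TTL = 24 * 60 * 60 # seconds; the 24-hour window stated in the docs

  # clock is injectable so expiry can be exercised without waiting
  def initialize(clock: -> { Time.now })
    @clock = clock
  end

  # Stores only a digest plus the creation time; the plaintext token is
  # returned once and cannot be recovered from the stored state.
  def generate_recovery_token(length: 32)
    token = SecureRandom.urlsafe_base64(length)
    @password_recovery_token = digest(token)
    @password_recovery_token_creation = @clock.call
    token
  end

  def valid_recovery_token?(token)
    return false if token.nil? || @password_recovery_token.nil?
    # Both sides are equal-length hex digests, compared in constant time.
    matches = OpenSSL.fixed_length_secure_compare(digest(token), @password_recovery_token)
    matches && (@clock.call - @password_recovery_token_creation) < TOKEN_TTL
  end

  private

  def digest(token)
    Digest::SHA256.hexdigest(token)
  end
end

# Constructed walk-through driven by a fake clock.
def recovery_token_walkthrough
  now = Time.at(1_700_000_000)
  user = RecoveryTokenDemo.new(clock: -> { now })
  first = user.generate_recovery_token
  second = user.generate_recovery_token # discards the first token's digest
  results = { fresh: user.valid_recovery_token?(second), replaced: user.valid_recovery_token?(first) }
  now += RecoveryTokenDemo::TOKEN_TTL # exactly 24 hours later: no longer "less than"
  results.merge(expired: user.valid_recovery_token?(second), token_length: second.length)
end
```

The token_length entry shows the effect the :length note describes: 32 random bytes become a 43-character URL-safe string.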