Module: Henlo::Revocable
- Defined in:
- lib/henlo/revocable.rb
Overview
Module allows the blacklist of tokens as identified by the jti (jwt identifier) Blacklisted refresh tokens cannot be used to generate new id tokens
Class Method Summary collapse
-
.token_blockt(payload, resource) ⇒ Object
Method called when the identifier as encoded in the token payload does not match what was stored in the database or when the revoke token route is called by the user in cases of breach such as device loss the token is blacklisted and the resource is flagged as needing blacklist checks.
-
.token_rekt ⇒ Object
Call this period in a scheduled task to clean expired tokens from the database.
Class Method Details
.token_blockt(payload, resource) ⇒ Object
Method called when the identifier as encoded in the token payload does not match what was stored in the database or when the revoke token route is called by the user in cases of breach such as device loss the token is blacklisted and the resource is flagged as needing blacklist checks
10 11 12 13 14 15 16 17 18 |
# File 'lib/henlo/revocable.rb', line 10 def self.token_blockt(payload, resource) resource.blacklist_check == true resource.save! blacklisted_token = BlacklistedToken.create( token_jti: payload["jti"], exp_in_unix: payload["exp"] ) end |
.token_rekt ⇒ Object
Call this period in a scheduled task to clean expired tokens from the database
22 23 24 25 26 |
# File 'lib/henlo/revocable.rb', line 22 def self.token_rekt BlacklistedToken.each do |token| token.destroy unless Time.now.utc < token.exp_in_unix end end |