Class: JWTSessions::Session

Inherits:

Object

• Object
• JWTSessions::Session

Defined in:

lib/jwt_sessions/session.rb

Instance Attribute Summary

• #access_token ⇒ Object readonly

  Returns the value of attribute access_token.

• #csrf_token ⇒ Object readonly

  Returns the value of attribute csrf_token.

• #namespace ⇒ Object

  Returns the value of attribute namespace.

• #payload ⇒ Object

  Returns the value of attribute payload.

• #refresh_by_access_allowed ⇒ Object

  Returns the value of attribute refresh_by_access_allowed.

• #refresh_payload ⇒ Object

  Returns the value of attribute refresh_payload.

• #refresh_token ⇒ Object readonly

  Returns the value of attribute refresh_token.

• #store ⇒ Object

  Returns the value of attribute store.

Class Method Summary

• .flush_all(store = JWTSessions.token_store) ⇒ Object

Instance Method Summary

• #flush_by_access_payload ⇒ Object
• #flush_by_token(token) ⇒ Object

  flush the session by refresh token.

• #flush_by_uid(uid) ⇒ Object

  flush the session by refresh token uid.

• #flush_namespaced ⇒ Object
• #flush_namespaced_access_tokens ⇒ Object

  flush access tokens only and keep refresh.

• #initialize(options = {}) ⇒ Session constructor

  A new instance of Session.

• #login ⇒ Object
• #masked_csrf(access_token) ⇒ Object
• #refresh(refresh_token, &block) ⇒ Object
• #refresh_by_access_payload(&block) ⇒ Object
• #session_exists?(token, token_type = :access) ⇒ Boolean
• #valid_access_request?(external_csrf_token, external_payload) ⇒ Boolean
• #valid_csrf?(token, csrf_token, token_type = :access) ⇒ Boolean

Constructor Details

#initialize(options = {}) ⇒ Session

# File 'lib/jwt_sessions/session.rb', line 15

def initialize(options = {})
  @store                     = options.fetch(:store, JWTSessions.token_store)
  @refresh_payload           = options.fetch(:refresh_payload, {})
  @payload                   = options.fetch(:payload, {})
  @access_claims             = options.fetch(:access_claims, {})
  @refresh_claims            = options.fetch(:refresh_claims, {})
  @namespace                 = options.fetch(:namespace, nil)
  @refresh_by_access_allowed = options.fetch(:refresh_by_access_allowed, false)
end

Instance Attribute Details

#access_token ⇒ Object (readonly)

Returns the value of attribute access_token.

# File 'lib/jwt_sessions/session.rb', line 5

def access_token
  @access_token
end

#csrf_token ⇒ Object (readonly)

Returns the value of attribute csrf_token.

# File 'lib/jwt_sessions/session.rb', line 5

def csrf_token
  @csrf_token
end

#namespace ⇒ Object

Returns the value of attribute namespace.

# File 'lib/jwt_sessions/session.rb', line 9

def namespace
  @namespace
end

#payload ⇒ Object

Returns the value of attribute payload.

# File 'lib/jwt_sessions/session.rb', line 9

def payload
  @payload
end

#refresh_by_access_allowed ⇒ Object

Returns the value of attribute refresh_by_access_allowed.

# File 'lib/jwt_sessions/session.rb', line 9

def refresh_by_access_allowed
  @refresh_by_access_allowed
end

#refresh_payload ⇒ Object

Returns the value of attribute refresh_payload.

# File 'lib/jwt_sessions/session.rb', line 9

def refresh_payload
  @refresh_payload
end

#refresh_token ⇒ Object (readonly)

Returns the value of attribute refresh_token.

# File 'lib/jwt_sessions/session.rb', line 5

def refresh_token
  @refresh_token
end

#store ⇒ Object

Returns the value of attribute store.

# File 'lib/jwt_sessions/session.rb', line 9

def store
  @store
end

Class Method Details

.flush_all(store = JWTSessions.token_store) ⇒ Object

# File 'lib/jwt_sessions/session.rb', line 103

def self.flush_all(store = JWTSessions.token_store)
  tokens = RefreshToken.all(nil, store)
  tokens.each do |token|
    AccessToken.destroy(token.access_uid, store)
    token.destroy
  end.count
end

Instance Method Details

#flush_by_access_payload ⇒ Object

Raises:

• (Errors::InvalidPayload)

# File 'lib/jwt_sessions/session.rb', line 63

def flush_by_access_payload
  raise Errors::InvalidPayload if payload.nil?
  ruid = retrieve_val_from(payload, :access, 'ruid', 'refresh uid')
  flush_by_uid(ruid)
end

#flush_by_token(token) ⇒ Object

flush the session by refresh token

# File 'lib/jwt_sessions/session.rb', line 70

def flush_by_token(token)
  uid = token_uid(token, :refresh, @refresh_claims)
  flush_by_uid(uid)
end

#flush_by_uid(uid) ⇒ Object

flush the session by refresh token uid

# File 'lib/jwt_sessions/session.rb', line 76

def flush_by_uid(uid)
  token = retrieve_refresh_token(uid)

  AccessToken.destroy(token.access_uid, store)
  token.destroy
end

#flush_namespaced ⇒ Object

# File 'lib/jwt_sessions/session.rb', line 94

def flush_namespaced
  return 0 unless namespace
  tokens = RefreshToken.all(namespace, store)
  tokens.each do |token|
    AccessToken.destroy(token.access_uid, store)
    token.destroy
  end.count
end

#flush_namespaced_access_tokens ⇒ Object

flush access tokens only and keep refresh

# File 'lib/jwt_sessions/session.rb', line 84

def flush_namespaced_access_tokens
  return 0 unless namespace
  tokens = RefreshToken.all(namespace, store)
  tokens.each do |token|
    AccessToken.destroy(token.access_uid, store)
    # unlink refresh token from the current access token
    token.update(nil, nil, token.csrf)
  end.count
end

#login ⇒ Object

# File 'lib/jwt_sessions/session.rb', line 25

def login
  create_csrf_token
  create_access_token
  create_refresh_token

  tokens_hash
end

#masked_csrf(access_token) ⇒ Object

# File 'lib/jwt_sessions/session.rb', line 44

def masked_csrf(access_token)
  csrf(access_token).token
end

#refresh(refresh_token, &block) ⇒ Object

# File 'lib/jwt_sessions/session.rb', line 48

def refresh(refresh_token, &block)
  refresh_token_data(refresh_token)
  refresh_by_uid(&block)
end

#refresh_by_access_payload(&block) ⇒ Object

Raises:

• (Errors::InvalidPayload)

# File 'lib/jwt_sessions/session.rb', line 53

def refresh_by_access_payload(&block)
  raise Errors::InvalidPayload if payload.nil?
  ruid = retrieve_val_from(payload, :access, 'ruid', 'refresh uid')
  retrieve_refresh_token(ruid)

  check_access_uid_within_refresh_token(&block) if block_given?

  refresh_by_uid(&block)
end

#session_exists?(token, token_type = :access) ⇒ Boolean

# File 'lib/jwt_sessions/session.rb', line 37

def session_exists?(token, token_type = :access)
  send(:"#{token_type}_token_data", token)
  true
rescue Errors::Unauthorized
  false
end

#valid_access_request?(external_csrf_token, external_payload) ⇒ Boolean

# File 'lib/jwt_sessions/session.rb', line 111

def valid_access_request?(external_csrf_token, external_payload)
  ruid = retrieve_val_from(external_payload, :access, 'ruid', 'refresh uid')
  uid  = retrieve_val_from(external_payload, :access, 'uid', 'access uid')

  refresh_token = RefreshToken.find(ruid, JWTSessions.token_store)
  return false unless uid == refresh_token.access_uid

  CSRFToken.new(refresh_token.csrf).valid_authenticity_token?(external_csrf_token)
end

#valid_csrf?(token, csrf_token, token_type = :access) ⇒ Boolean

# File 'lib/jwt_sessions/session.rb', line 33

def valid_csrf?(token, csrf_token, token_type = :access)
  send(:"valid_#{token_type}_csrf?", token, csrf_token)
end