Module: Magic::Link::ControllerExtensions::InstanceMethods

Defined in:

lib/magic/link/controller_extensions.rb

Instance Method Summary

• #authenticate_user_from_token! ⇒ Object
• #token_matches?(user) ⇒ Boolean
• #token_not_expired?(user) ⇒ Boolean

Instance Method Details

#authenticate_user_from_token! ⇒ Object

# File 'lib/magic/link/controller_extensions.rb', line 9

def authenticate_user_from_token!
  email = params[:email].presence
  token = params[:sign_in_token].presence
  user  = email && token && Magic::Link.user_class.find_by(email: email)

  if token && send("#{Magic::Link.user_class.name.underscore}_signed_in?")
    flash.now[:alert] = "You are already signed in"
  elsif user && token_matches?(user) && token_not_expired?(user)
    flash[:notice] = "You have signed in successfully"
    user.update_columns(sign_in_token: nil, sign_in_token_sent_at: nil)
    sign_in user
  elsif email && token
    flash[:alert] = "Your sign in token is invalid"
    redirect_to main_app.root_path
  end
end

#token_matches?(user) ⇒ Boolean

Returns:

• (Boolean)

# File 'lib/magic/link/controller_extensions.rb', line 26

def token_matches?(user)
  Devise.secure_compare(
    user.sign_in_token,
    Devise.token_generator.digest(Magic::Link.user_class, :sign_in_token, params[:sign_in_token])
  )
end

#token_not_expired?(user) ⇒ Boolean

Returns:

• (Boolean)

# File 'lib/magic/link/controller_extensions.rb', line 33

def token_not_expired?(user)
  user.sign_in_token_sent_at >= Magic::Link.token_expiration_hours.hours.ago
end