Class: OpenSesame::Token
- Inherits:
-
Object
- Object
- OpenSesame::Token
- Defined in:
- lib/open-sesame.rb
Overview
Used for generating time-sensitive, cryptographically secure authorization tokens.
Constant Summary collapse
- @@default_secret =
For really lazy people. You really should set your own secret phrase.
"OPEN SESAME"
Class Method Summary collapse
-
.generate(secret = @@default_secret, timestamp = Time.now.utc.to_datetime) ⇒ String
Generate a token, which will automatically expire after one hour.
-
.verify(token, secret = @@default_secret) ⇒ Object
Verify a token.
Class Method Details
.generate(secret = @@default_secret, timestamp = Time.now.utc.to_datetime) ⇒ String
Generate a token, which will automatically expire after one hour.
18 19 20 21 22 |
# File 'lib/open-sesame.rb', line 18 def self.generate(secret = @@default_secret, = Time.now.utc.to_datetime) = .strftime('%Y%m%dT%H%M') hash = (Digest::SHA1.new << secret + ).to_s + '-' + hash end |
.verify(token, secret = @@default_secret) ⇒ Object
Verify a token.
28 29 30 31 32 33 |
# File 'lib/open-sesame.rb', line 28 def self.verify(token, secret = @@default_secret) string = token.split /-/ = DateTime.strptime string.first, '%Y%m%dT%H%M' one_hour_ago = (Time.now.utc - 3600).to_datetime ( >= one_hour_ago) && token.eql?(generate(secret, )) end |