Module: Shaf::Session

Defined in:

lib/shaf/helpers/session.rb

Constant Summary

SESSION_TTL =

2 days

60 * 60 * 24 * 2

Instance Method Summary

• #current_session ⇒ Object
• #current_user ⇒ Object
• #extend_session(session) ⇒ Object
• #login(email, password) ⇒ Object
• #logout ⇒ Object

Instance Method Details

#current_session ⇒ Object

# File 'lib/shaf/helpers/session.rb', line 44

def current_session
  unless @current_session
    return unless current_user
    @current_session = Session.where(user_id: current_user.id).first
  end
  @current_session
end

#current_user ⇒ Object

# File 'lib/shaf/helpers/session.rb', line 34

def current_user
  unless defined?(@current_user) && @current_user
    return unless request.env.key? 'HTTP_X_AUTH_TOKEN'
    digest = Digest::SHA256.hexdigest(request.env['HTTP_X_AUTH_TOKEN'])
    session = Session.where(auth_token_digest: digest).first
    @current_user = User[session.user_id] if session&.valid?
  end
  @current_user
end

#extend_session(session) ⇒ Object

# File 'lib/shaf/helpers/session.rb', line 23

def extend_session(session)
  return unless session
  session.update(expire_at: Time.now + SESSION_TTL)
  session.auth_token = request.env['HTTP_X_AUTH_TOKEN']
  session
end

#login(email, password) ⇒ Object

# File 'lib/shaf/helpers/session.rb', line 8

def login(email, password)
  return unless email && password
  user = User.first(email: email) or return
  bcrypt = BCrypt::Password.new(user.password_digest)
  return unless bcrypt == password
  @current_user = user

  Session.where(user_id: user.id).delete
  params = {
    user_id: user.id,
    expire_at: Time.now + SESSION_TTL,
  }
  Session.create(params)
end

#logout ⇒ Object

# File 'lib/shaf/helpers/session.rb', line 30

def logout
  current_session&.destroy
end