Class: Trivialsso::Login
- Inherits:
-
Object
- Object
- Trivialsso::Login
- Defined in:
- lib/trivialsso.rb
Class Method Summary collapse
-
.cookie(userdata, exp_date = expire_date) ⇒ Object
create an encrypted and signed cookie containing userdata and an expiry date.
-
.decode_cookie(cookie) ⇒ Object
Decodes and verifies an encrypted cookie throw a proper exception if a bad or invalid cookie.
-
.expire_date ⇒ Object
returns the exipiry date from now.
Class Method Details
.cookie(userdata, exp_date = expire_date) ⇒ Object
create an encrypted and signed cookie containing userdata and an expiry date. userdata should be an array, and at minimum include a ‘username’ key. using json serializer to hopefully allow future cross version compatibliity (Marshall, the default serializer, is not compatble between versions)
12 13 14 15 16 17 18 19 20 21 22 |
# File 'lib/trivialsso.rb', line 12 def self.(userdata, exp_date = expire_date) begin raise MissingConfig if Rails.configuration.sso_secret.blank? rescue NoMethodError raise MissingConfig end raise NoUsernameCookie if userdata['username'].blank? enc = ActiveSupport::MessageEncryptor.new(Rails.configuration.sso_secret, :serializer => JSON) = enc.encrypt_and_sign([userdata,exp_date.to_i]) return end |
.decode_cookie(cookie) ⇒ Object
Decodes and verifies an encrypted cookie throw a proper exception if a bad or invalid cookie. otherwise, return the username and userdata stored in the cookie
27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 |
# File 'lib/trivialsso.rb', line 27 def self.() begin raise MissingConfig if Rails.configuration.sso_secret.blank? rescue NoMethodError raise MissingConfig end if .blank? raise MissingCookie else enc = ActiveSupport::MessageEncryptor.new(Rails.configuration.sso_secret, :serializer => JSON) begin userdata, = enc.decrypt_and_verify() rescue ActiveSupport::MessageVerifier::InvalidSignature #raise our own cookie error instead of passing on invalid signature. raise BadCookie rescue ActiveSupport::MessageEncryptor::InvalidMessage #raise our own cookie error instead of passing on invalid message. raise BadCookie end # Determine how many seconds our cookie is valid for. timeRemain = - DateTime.now.to_i #make sure current time is not past timestamp. if timeRemain > 0 return userdata else raise LoginExpired end end end |
.expire_date ⇒ Object
returns the exipiry date from now. Used for setting an expiry date when creating cookies.
60 61 62 |
# File 'lib/trivialsso.rb', line 60 def self.expire_date 9.hours.from_now end |