Class: Userbin::Client

Inherits:

Object

• Object
• Userbin::Client

Defined in:

lib/userbin/client.rb

Instance Attribute Summary

• #request_context ⇒ Object

  Returns the value of attribute request_context.

Class Method Summary

• .install_proxy_methods(*names) ⇒ Object

Instance Method Summary

• #authorize ⇒ Object
• #authorize! ⇒ Object
• #authorized? ⇒ Boolean
• #device_trusted? ⇒ Boolean
• #has_default_pairing? ⇒ Boolean
• #identify(user_id) ⇒ Object
• #initialize(request, cookies, opts = {}) ⇒ Client constructor

  A new instance of Client.

• #login(user_id, user_attrs = {}) ⇒ Object
• #logout ⇒ Object

  This method ends the current monitoring session.

• #mfa_enabled? ⇒ Boolean
• #mfa_in_progress? ⇒ Boolean
• #mfa_required? ⇒ Boolean
• #session_token ⇒ Object
• #session_token=(value) ⇒ Object
• #trust_device(attrs = {}) ⇒ Object
• #trusted_device_token ⇒ Object
• #trusted_device_token=(value) ⇒ Object

Constructor Details

#initialize(request, cookies, opts = {}) ⇒ Client

# File 'lib/userbin/client.rb', line 20

def initialize(request, cookies, opts = {})
  # Save a reference in the per-request store so that the request
  # middleware in request.rb can access it
  RequestStore.store[:userbin] = self

  # By default the session token is persisted in the Rack store, which may
  # in turn point to any source. This option give you an option to
  # use any store, such as Redis or Memcached to store your Userbin tokens.
  if opts[:session_store]
    @session_store = opts[:session_store]
  else
    @session_store = Userbin::SessionStore::Rack.new(request.session)
  end

  @trusted_token_store = Userbin::TrustedTokenStore::Rack.new(cookies)

  @request_context = {
    ip: request.ip,
    user_agent: request.user_agent
  }
end

Instance Attribute Details

#request_context ⇒ Object

Returns the value of attribute request_context.

# File 'lib/userbin/client.rb', line 4

def request_context
  @request_context
end

Class Method Details

.install_proxy_methods(*names) ⇒ Object

# File 'lib/userbin/client.rb', line 6

def self.install_proxy_methods(*names)
  names.each do |name|
    class_eval <<-RUBY, __FILE__, __LINE__ + 1
      def #{name}(*args)
        Userbin::User.new('current').#{name}(*args)
      end
    RUBY
  end
end

Instance Method Details

#authorize ⇒ Object

# File 'lib/userbin/client.rb', line 75

def authorize
  return unless session_token

  if session_token.expired?
    Userbin::Monitoring.heartbeat
  end
end

#authorize! ⇒ Object

# File 'lib/userbin/client.rb', line 87

def authorize!
  unless session_token
    raise Userbin::UserUnauthorizedError,
      'Need to call login before authorize'
  end

  authorize

  if mfa_in_progress?
    logout
    raise Userbin::UserUnauthorizedError,
        'Logged out due to being unverified'
  end

  if mfa_required? && !device_trusted?
    raise Userbin::ChallengeRequiredError
  end
end

#authorized? ⇒ Boolean

# File 'lib/userbin/client.rb', line 83

def authorized?
  !!session_token
end

#device_trusted? ⇒ Boolean

# File 'lib/userbin/client.rb', line 147

def device_trusted?
  session_token ? session_token.device_trusted? : false
end

#has_default_pairing? ⇒ Boolean

# File 'lib/userbin/client.rb', line 159

def has_default_pairing?
  session_token ? session_token.has_default_pairing? : false
end

#identify(user_id) ⇒ Object

# File 'lib/userbin/client.rb', line 67

def identify(user_id)
  # The user identifier is used in API paths so it needs to be cleaned
  user_id = URI.encode(user_id.to_s)

  @session_store.user_id = user_id
  @trusted_token_store.user_id = user_id
end

#login(user_id, user_attrs = {}) ⇒ Object

# File 'lib/userbin/client.rb', line 106

def login(user_id, user_attrs = {})
  # Clear the session token if any
  self.session_token = nil

  identify(user_id)

  user = Userbin::User.new(@session_store.user_id)
  session = user.sessions.create(
    user: user_attrs, trusted_device_token: self.trusted_device_token)

  # Set the session token for use in all subsequent requests
  self.session_token = session.token
end

#logout ⇒ Object

This method ends the current monitoring session. It should be called whenever the user logs out from your system.

# File 'lib/userbin/client.rb', line 130

def logout
  return unless session_token

  # Destroy the current session specified in the session token
  begin
    sessions.destroy('current')
  rescue Userbin::Error # ignored
  end

  # Clear the session token
  self.session_token = nil
end

#mfa_enabled? ⇒ Boolean

# File 'lib/userbin/client.rb', line 143

def mfa_enabled?
  session_token ? session_token.mfa_enabled? : false
end

#mfa_in_progress? ⇒ Boolean

# File 'lib/userbin/client.rb', line 151

def mfa_in_progress?
  session_token ? session_token.has_challenge? : false
end

#mfa_required? ⇒ Boolean

# File 'lib/userbin/client.rb', line 155

def mfa_required?
  session_token ? session_token.needs_challenge? : false
end

#session_token ⇒ Object

# File 'lib/userbin/client.rb', line 50

def session_token
  token = @session_store.read
  Userbin::SessionToken.new(token) if token
end

#session_token=(value) ⇒ Object

# File 'lib/userbin/client.rb', line 42

def session_token=(value)
  if value && value != @session_store.read
    @session_store.write(value)
  elsif !value
    @session_store.destroy
  end
end

#trust_device(attrs = {}) ⇒ Object

# File 'lib/userbin/client.rb', line 120

def trust_device(attrs = {})
  trusted_device = trusted_devices.create(attrs)

  # Set the session token for use in all subsequent requests
  self.trusted_device_token = trusted_device.token
end

#trusted_device_token ⇒ Object

# File 'lib/userbin/client.rb', line 63

def trusted_device_token
  @trusted_token_store.read
end

#trusted_device_token=(value) ⇒ Object

# File 'lib/userbin/client.rb', line 55

def trusted_device_token=(value)
  if value && value != @trusted_token_store.read
    @trusted_token_store.write(value)
  elsif !value
    @trusted_token_store.destroy
  end
end