Module: Wor::Authentication::SessionsController

Defined in:

lib/wor/authentication/sessions_controller.rb

Instance Method Summary

• #create ⇒ Object
• #generate_access_token(entity) ⇒ Object
• #invalidate_all ⇒ Object
• #renew ⇒ Object
• #renew_access_token(entity) ⇒ Object

Instance Method Details

#create ⇒ Object

# File 'lib/wor/authentication/sessions_controller.rb', line 5

def create
  entity = authenticate_entity(authenticate_params)
  if entity
    token_data = generate_access_token(entity)
    render json: {
      access_token: token_data[:token], renew_id: token_data[:renew_id]
    }, status: :ok
  else
    render_error('Invalid authentication credentials', :unauthorized)
  end
end

#generate_access_token(entity) ⇒ Object

# File 'lib/wor/authentication/sessions_controller.rb', line 32

def generate_access_token(entity)
  renew_id = token_renew_id
  payload = entity_payload(entity).merge(
    entity_custom_validation: entity_custom_validation_value(entity),
    expiration_date: new_token_expiration_date,
    maximum_useful_date: token_maximum_useful_date,
    renew_id: renew_id
  )
  { token: Wor::Authentication::TokenManager.new(token_key).encode(payload), renew_id: renew_id }
end

#invalidate_all ⇒ Object

# File 'lib/wor/authentication/sessions_controller.rb', line 25

def invalidate_all
  # should we rescue anything here ?
  # if invalidating uses db and fails, or something like that
  entity_custom_validation_invalidate_all_value(current_entity)
  head :ok
end

#renew ⇒ Object

# File 'lib/wor/authentication/sessions_controller.rb', line 17

def renew
  if !decoded_token.valid_renew_id?(renew_token_params[:renew_id])
    render_error('Invalid renew_id', :unauthorized)
  else
    render json: { access_token: renew_access_token(current_entity) }, status: :ok
  end
end

#renew_access_token(entity) ⇒ Object

# File 'lib/wor/authentication/sessions_controller.rb', line 43

def renew_access_token(entity)
  payload = decoded_token.payload
  payload[:expiration_date] = new_token_expiration_date
  payload[:entity_custom_validation] = entity_custom_validation_renew_value(entity)
  Wor::Authentication::TokenManager.new(token_key).encode(payload)
end