Module: Devise::Models::TokenAuthenticatable

Extended by:
ActiveSupport::Concern
Defined in:
lib/devise_token_auth/models/token_authenticatable.rb


Instance Method Details

#build_auth_header(token, client_id = 'default') ⇒ Object



# File 'lib/devise_token_auth/models/token_authenticatable.rb', line 133

# Assemble the response headers that hand a token back to the client.
#
# @param token [String] the plaintext token to return; only its BCrypt hash is
#   held in +tokens+, so the plaintext exists only in this response
# @param client_id [String, nil] key into +tokens+; +nil+ falls back to
#   +'default'+
# @return [Hash{String => String}] the +access-token+, +token-type+, +client+,
#   +expiry+ and +uid+ headers
#
# Raises NoMethodError when +tokens+ has no entry for +client_id+.
def build_auth_header(token, client_id = 'default')
  client_id ||= 'default'

  # The client can use the expiry to skip a validation round trip once the
  # token is stale. Header values must be strings, so the epoch value is cast.
  expiry = tokens[client_id]['expiry'].to_s

  headers = { 'access-token' => token, 'token-type' => 'Bearer' }
  headers['client'] = client_id
  headers['expiry'] = expiry
  headers['uid']    = uid
  headers
end

#build_auth_url(base_url, args) ⇒ Object



# File 'lib/devise_token_auth/models/token_authenticatable.rb', line 150

# Build a URL that carries the credentials needed to authenticate this user
# (for example in a redirect flow).
#
# @param base_url [String] the URL the auth params are appended to
# @param args [Hash] query params; must contain +:client_id+ naming an entry
#   of +tokens+. NOTE: the hash is mutated in place — +:uid+ and +:expiry+ are
#   written into it before it is handed on.
# @return whatever +generate_url+ (defined outside this listing) returns
#
# Raises NoMethodError when +tokens+ has no entry for +args[:client_id]+.
def build_auth_url(base_url, args)
  args[:uid]    = uid
  args[:expiry] = tokens[args[:client_id]]['expiry']
  generate_url(base_url, args)
end

#create_new_auth_token(client_id = nil) ⇒ Object

update user’s auth token (should happen on each request)



# File 'lib/devise_token_auth/models/token_authenticatable.rb', line 109

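# Rotate the token for +client_id+ (a random id is minted when none is given):
# generate a new random token, store only its BCrypt hash, save the record and
# return the headers that carry the plaintext token to the client. Meant to
# run on every authenticated request; the hash being replaced is kept as
# +last_token+ so in-flight batch requests can still pass
# #token_can_be_reused?.
#
# @param client_id [String, nil] the client (device/session) the token is
#   issued for; +nil+ mints a fresh random id
# @return [Hash] the auth headers from #build_auth_header
#
# Side effects: replaces +tokens[client_id]+ and calls +save!+ (defined
# outside this listing), so persistence errors raise from here.
def create_new_auth_token(client_id = nil)
  client_id ||= SecureRandom.urlsafe_base64(nil, false)
  token      = SecureRandom.urlsafe_base64(nil, false)
  # Only the hash is persisted; the plaintext leaves this method solely via
  # the returned headers.
  token_hash = BCrypt::Password.create(token)
  now        = Time.now
  expiry     = (now + DeviseTokenAuth.token_lifespan).to_i

  # Hash of the token being superseded, or nil for a client without an entry;
  # `dig` covers both the missing-entry and the missing-key case.
  last_token = tokens.dig(client_id, 'token')

  # NOTE(review): this entry is written with symbol keys, while every reader
  # in this module (#build_auth_header, #token_is_current?, ...) indexes it
  # with string keys ('token', 'expiry', ...). Presumably the +tokens+ column
  # stringifies keys when serialized — confirm, since a record that has not
  # been reloaded would otherwise not find these values.
  tokens[client_id] = {
    token:      token_hash,
    expiry:     expiry,
    last_token: last_token,
    updated_at: now
  }

  save!

  build_auth_header(token, client_id)
end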

#extend_batch_buffer(token, client_id) ⇒ Object



# File 'lib/devise_token_auth/models/token_authenticatable.rb', line 158

# Refresh the +updated_at+ timestamp for +client_id+ without rotating the
# token (it is the timestamp #token_can_be_reused? measures its grace window
# from), save, and return the headers echoing +token+.
#
# @param token [String] the plaintext token to echo back in the headers
# @param client_id [String] key into +tokens+; must exist
# @return [Hash] headers from #build_auth_header
#
# Side effects: writes +tokens[client_id]['updated_at']+ and calls +save!+
# (defined outside this listing).
def extend_batch_buffer(token, client_id)
  entry = tokens[client_id]
  entry['updated_at'] = Time.now
  save!

  build_auth_header(token, client_id)
end

#send_confirmation_notification?Boolean

this must be done from the controller so that additional params can be passed on from the client

Returns:

  • (Boolean)


# File 'lib/devise_token_auth/models/token_authenticatable.rb', line 60

# Devise hook: suppress Devise's own confirmation e-mail. The notification is
# sent from the controller instead, where the extra params supplied by the
# client are available.
#
# @return [Boolean] always false
def send_confirmation_notification?
  false
end

#token_can_be_reused?(token, client_id) ⇒ Boolean

allow batch requests to use the previous token

Returns:

  • (Boolean)


# File 'lib/devise_token_auth/models/token_authenticatable.rb', line 93

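# Accept the token that the latest #create_new_auth_token replaced, for a short
# grace window, so that several requests fired as a batch (each of which
# rotates the token) do not invalidate one another.
#
# @param token [String] the plaintext token presented by the client
# @param client_id [String] key into +tokens+; must exist (callers such as
#   #valid_token? guard this)
# @return [Boolean] true only if the stored +last_token+ exists, its
#   +updated_at+ lies within +DeviseTokenAuth.batch_request_buffer_throttle+
#   of now, and the BCrypt hash matches +token+; false otherwise (the
#   original returned nil on the miss path)
def token_can_be_reused?(token, client_id)
  entry      = tokens[client_id]
  updated_at = entry['updated_at']
  last_token = entry['last_token']

  # Both the previous token and the time it was superseded must be present.
  return false unless updated_at && last_token

  # The window is measured from the last rotation. `to_s` lets this accept
  # either the serialized string or an in-memory Time.
  cutoff = Time.now - DeviseTokenAuth.batch_request_buffer_throttle
  return false unless Time.parse(updated_at.to_s) > cutoff

  # Compare against the BCrypt hash, never the plaintext.
  BCrypt::Password.new(last_token) == token
end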

#token_is_current?(token, client_id) ⇒ Boolean

Returns:

  • (Boolean)


# File 'lib/devise_token_auth/models/token_authenticatable.rb', line 77

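# Check whether +token+ is the live token for +client_id+.
#
# @param token [String] the plaintext token presented by the client
# @param client_id [String] key into +tokens+; must exist (see #valid_token?)
# @return [Boolean] true only if the entry has both +expiry+ and +token+, the
#   expiry (epoch seconds, see #create_new_auth_token) is still in the future,
#   and the BCrypt hash matches +token+; false otherwise (the original
#   returned nil on the miss path)
def token_is_current?(token, client_id)
  entry      = tokens[client_id]
  expiry     = entry['expiry']
  token_hash = entry['token']

  # An entry with no expiry or no hash is never considered current.
  return false unless expiry && token_hash

  # +expiry+ is epoch seconds (issue time + DeviseTokenAuth.token_lifespan),
  # stored as an Integer or, after serialization, a numeric String. Comparing
  # as Time avoids DateTime.strptime('%s'), which needs ActiveSupport's
  # coercion to be comparable with Time.now.
  return false unless Time.at(expiry.to_i) > Time.now

  # Compare against the BCrypt hash, never the plaintext.
  BCrypt::Password.new(token_hash) == token
end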

#valid_token?(token, client_id = 'default') ⇒ Boolean

Returns:

  • (Boolean)


# File 'lib/devise_token_auth/models/token_authenticatable.rb', line 64

# Validate a client-presented token against the entry stored for +client_id+.
#
# @param token [String] the plaintext token from the request
# @param client_id [String, nil] key into +tokens+; +nil+ means +'default'+
# @return [Boolean] false when no entry exists for the client; otherwise true
#   if the token is the live one (#token_is_current?) or still inside the
#   batch grace window (#token_can_be_reused?), false when neither holds
def valid_token?(token, client_id = 'default')
  client_id ||= 'default'

  # An unknown client has nothing to compare against; stop before the
  # per-entry checks, which assume the entry exists.
  return false unless tokens[client_id]

  # The live token is tried first; the grace-window check only runs on a miss.
  checks = [
    -> { token_is_current?(token, client_id) },
    -> { token_can_be_reused?(token, client_id) }
  ]
  checks.any?(&:call)
end