Class: TokenAuthenticatableStrategies::Encrypted

Inherits:
Base
  • Object
show all
Defined in:
app/models/concerns/token_authenticatable_strategies/encrypted.rb

Instance Attribute Summary

Attributes inherited from Base

#klass, #options, #token_field

Instance Method Summary collapse

Methods inherited from Base

#ensure_token!, #expirable?, #expired?, #expires_at, fabricate, #format_token, #initialize, #reset_token!, #token_with_expiration

Constructor Details

This class inherits a constructor from TokenAuthenticatableStrategies::Base

Instance Method Details

#ensure_token(instance) ⇒ Object 



26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
 
# File 'app/models/concerns/token_authenticatable_strategies/encrypted.rb', line 26

def ensure_token(instance)
  # TODO, tech debt, because some specs are testing migrations, but are still
  # using factory bot to create resources, it might happen that a database
  # schema does not have "#{token_name}_encrypted" field yet, however a bunch
  # of models call `ensure_#{token_name}` in `before_save`.
  #
  # In that case we are using insecure strategy, but this should only happen
  # in tests, because otherwise `encrypted_field` is going to exist.
  #
  # Another use case is when we are caching resources / columns, like we do
  # in case of ApplicationSetting.

  return super if instance.has_attribute?(encrypted_field)

  if required?
    raise ArgumentError, _('Using required encryption strategy when encrypted field is missing!')
  else
    insecure_strategy.ensure_token(instance)
  end
end

#find_token_authenticatable(token, unscoped = false) ⇒ Object 



9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
 
# File 'app/models/concerns/token_authenticatable_strategies/encrypted.rb', line 9

def find_token_authenticatable(token, unscoped = false)
  return if token.blank?

  instance = if required?
               find_by_encrypted_token(token, unscoped)
             elsif optional?
               find_by_encrypted_token(token, unscoped) ||
                 find_by_plaintext_token(token, unscoped)
             elsif migrating?
               find_by_plaintext_token(token, unscoped)
             else
               raise ArgumentError, _("Unknown encryption strategy: %{encrypted_strategy}!") % { encrypted_strategy: encrypted_strategy }
             end

  instance if instance && matches_prefix?(instance, token)
end

#get_token(instance) ⇒ Object 



47
48
49
50
51
 
# File 'app/models/concerns/token_authenticatable_strategies/encrypted.rb', line 47

def get_token(instance)
  return insecure_strategy.get_token(instance) if migrating?

  get_encrypted_token(instance)
end

#migrating?Boolean

Returns:

  • (Boolean) 


66
67
68
 
# File 'app/models/concerns/token_authenticatable_strategies/encrypted.rb', line 66

def migrating?
  encrypted_strategy == :migrating
end

#optional?Boolean

Returns:

  • (Boolean) 


70
71
72
 
# File 'app/models/concerns/token_authenticatable_strategies/encrypted.rb', line 70

def optional?
  encrypted_strategy == :optional
end

#required?Boolean

Returns:

  • (Boolean) 


62
63
64
 
# File 'app/models/concerns/token_authenticatable_strategies/encrypted.rb', line 62

def required?
  encrypted_strategy == :required
end

#set_token(instance, token) ⇒ Object

Raises:

  • (ArgumentError) 


53
54
55
56
57
58
59
60
 
# File 'app/models/concerns/token_authenticatable_strategies/encrypted.rb', line 53

def set_token(instance, token)
  raise ArgumentError unless token.present?

  instance[encrypted_field] = EncryptionHelper.encrypt_token(token)
  instance[token_field] = token if migrating?
  instance[token_field] = nil if optional?
  token
end

#token_fieldsObject 



5
6
7
 
# File 'app/models/concerns/token_authenticatable_strategies/encrypted.rb', line 5

def token_fields
  super + [encrypted_field]
end