Mercurial > hg > soundsoftware-site

annotate app/models/token.rb @ 1628:9c5f8e24dadc live tip

Find changesets by keywords (author, files, the commit message), revision number or hash, or revset expression.
Quieten this cron script
author Chris Cannam
date Tue, 25 Aug 2020 11:38:49 +0100
parents e248c7af89ec
children
rev   line source
Chris@0 1 # Redmine - project management software
Chris@1494 2 # Copyright (C) 2006-2014 Jean-Philippe Lang
Chris@0 3 #
Chris@0 4 # This program is free software; you can redistribute it and/or
Chris@0 5 # modify it under the terms of the GNU General Public License
Chris@0 6 # as published by the Free Software Foundation; either version 2
Chris@0 7 # of the License, or (at your option) any later version.
Chris@909 8 #
Chris@0 9 # This program is distributed in the hope that it will be useful,
Chris@0 10 # but WITHOUT ANY WARRANTY; without even the implied warranty of
Chris@0 11 # MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
Chris@0 12 # GNU General Public License for more details.
Chris@909 13 #
Chris@0 14 # You should have received a copy of the GNU General Public License
Chris@0 15 # along with this program; if not, write to the Free Software
Chris@0 16 # Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA.
Chris@0 17
Chris@0 18 class Token < ActiveRecord::Base
Chris@0 19 belongs_to :user
Chris@0 20 validates_uniqueness_of :value
Chris@909 21
Chris@909 22 before_create :delete_previous_tokens, :generate_new_token
Chris@909 23
Chris@0 24 @@validity_time = 1.day
Chris@909 25
Chris@909 26 def generate_new_token
Chris@0 27 self.value = Token.generate_token_value
Chris@0 28 end
Chris@0 29
Chris@909 30 # Return true if token has expired
Chris@0 31 def expired?
Chris@0 32 return Time.now > self.created_on + @@validity_time
Chris@0 33 end
Chris@909 34
Chris@0 35 # Delete all expired tokens
Chris@0 36 def self.destroy_expired
Chris@1115 37 Token.delete_all ["action NOT IN (?) AND created_on < ?", ['feeds', 'api'], Time.now - @@validity_time]
Chris@0 38 end
Chris@909 39
Chris@1464 40 # Returns the active user who owns the key for the given action
Chris@1464 41 def self.find_active_user(action, key, validity_days=nil)
Chris@1464 42 user = find_user(action, key, validity_days)
Chris@1464 43 if user && user.active?
Chris@1464 44 user
Chris@1464 45 end
Chris@1464 46 end
Chris@1464 47
Chris@1464 48 # Returns the user who owns the key for the given action
Chris@1464 49 def self.find_user(action, key, validity_days=nil)
Chris@1464 50 token = find_token(action, key, validity_days)
Chris@1464 51 if token
Chris@1464 52 token.user
Chris@1464 53 end
Chris@1464 54 end
Chris@1464 55
Chris@1464 56 # Returns the token for action and key with an optional
Chris@1464 57 # validity duration (in number of days)
Chris@1464 58 def self.find_token(action, key, validity_days=nil)
Chris@1464 59 action = action.to_s
Chris@1464 60 key = key.to_s
Chris@1464 61 return nil unless action.present? && key =~ /\A[a-z0-9]+\z/i
Chris@1464 62
Chris@1464 63 token = Token.where(:action => action, :value => key).first
Chris@1464 64 if token && (token.action == action) && (token.value == key) && token.user
Chris@1464 65 if validity_days.nil? || (token.created_on > validity_days.days.ago)
Chris@1464 66 token
Chris@1464 67 end
Chris@1464 68 end
Chris@1464 69 end
Chris@1464 70
Chris@0 71 def self.generate_token_value
Chris@1115 72 Redmine::Utils.random_hex(20)
Chris@0 73 end
Chris@909 74
Chris@1464 75 private
Chris@1464 76
Chris@0 77 # Removes obsolete tokens (same user and action)
Chris@0 78 def delete_previous_tokens
Chris@0 79 if user
Chris@0 80 Token.delete_all(['user_id = ? AND action = ?', user.id, action])
Chris@0 81 end
Chris@0 82 end
Chris@0 83 end