Class: RememberMe

Inherits:

Merb::Authentication::Strategy

Object
Merb::Authentication::Strategy
RememberMe

show all

Defined in:: lib/merb-auth-remember-me/strategies/remember_me.rb

Instance Method Summary collapse

#current_user ⇒ Object
#current_user=(new_user) ⇒ Object
#handle_remember_cookie!(new_cookie_flag) ⇒ Object

Refresh the cookie auth token if it exists, create it otherwise.
#run! ⇒ Object

Called from #current_user.
#send_remember_cookie! ⇒ Object
#valid_remember_cookie? ⇒ Boolean

Cookies shouldn’t be allowed to persist past their freshness date, and they should be changed at each login.

Instance Method Details

#current_user ⇒ `Object`



13
14
15

# File 'lib/merb-auth-remember-me/strategies/remember_me.rb', line 13

def current_user
  @current_user
end

#current_user=(new_user) ⇒ `Object`



17
18
19

# File 'lib/merb-auth-remember-me/strategies/remember_me.rb', line 17

def current_user=(new_user)
  @current_user = new_user
end

#handle_remember_cookie!(new_cookie_flag) ⇒ `Object`

Refresh the cookie auth token if it exists, create it otherwise

# File 'lib/merb-auth-remember-me/strategies/remember_me.rb', line 37

def handle_remember_cookie! new_cookie_flag
  return unless current_user
  case
  when valid_remember_cookie? then current_user.refresh_token # keeping same expiry date
  when new_cookie_flag        then current_user.remember_me 
  else                             current_user.forget_me
  end
  send_remember_cookie!
end

#run! ⇒ `Object`

Called from #current_user. Finaly, attempt to login by an expiring token in the cookie. for the paranoid: we should be storing user_token = hash(cookie_token, request IP)

# File 'lib/merb-auth-remember-me/strategies/remember_me.rb', line 5

def run!
  current_user = cookies[:auth_token] && Merb::Authentication.user_class.first(:conditions => ["remember_token = ?", cookies[:auth_token]])
  if current_user && current_user.remember_token?
    handle_remember_cookie! false # freshen cookie token (keeping date)
    current_user
  end
end

#send_remember_cookie! ⇒ `Object`



47
48
49

# File 'lib/merb-auth-remember-me/strategies/remember_me.rb', line 47

def send_remember_cookie!
  cookies.set_cookie(:auth_token, current_user.remember_token, :expires => current_user.remember_token_expires_at.to_time)
end

#valid_remember_cookie? ⇒ `Boolean`

Cookies shouldn’t be allowed to persist past their freshness date, and they should be changed at each login

Returns:

(Boolean)

# File 'lib/merb-auth-remember-me/strategies/remember_me.rb', line 30

def valid_remember_cookie?
  return nil unless current_user
  (current_user.remember_token?) && 
    (cookies[:auth_token] == current_user.remember_token)
end

Class: RememberMe

Instance Method Summary collapse

Instance Method Details

#current_user ⇒ Object

#current_user=(new_user) ⇒ Object

#handle_remember_cookie!(new_cookie_flag) ⇒ Object

#run! ⇒ Object