Module: SimpleTokenAuthentication::TokenAuthenticationHandler

Extended by:

ActiveSupport::Concern

Defined in:

lib/simple_token_authentication/token_authentication_handler.rb

Defined Under Namespace

Modules: ClassMethods

Instance Method Summary

• #authenticate_entity_from_fallback!(entity, fallback_authentication_handler) ⇒ Object
• #authenticate_entity_from_token!(entity) ⇒ Object
• #find_record_from_identifier(entity) ⇒ Object
• #integrate_with_devise_case_insensitive_keys(email) ⇒ Object

  Private: Take benefit from Devise case-insensitive keys.

• #perform_sign_in!(record, sign_in_handler) ⇒ Object
• #sign_in_handler ⇒ Object

  Private: Get one (always the same) object which behaves as a sign in handler.

• #token_comparator ⇒ Object

  Private: Get one (always the same) object which behaves as a token comprator.

• #token_correct?(record, entity, token_comparator) ⇒ Boolean

Instance Method Details

#authenticate_entity_from_fallback!(entity, fallback_authentication_handler) ⇒ Object

# File 'lib/simple_token_authentication/token_authentication_handler.rb', line 37

def authenticate_entity_from_fallback!(entity, fallback_authentication_handler)
  fallback_authentication_handler.authenticate_entity!(self, entity)
end

#authenticate_entity_from_token!(entity) ⇒ Object

# File 'lib/simple_token_authentication/token_authentication_handler.rb', line 29

def authenticate_entity_from_token!(entity)
  record = find_record_from_identifier(entity)

  if token_correct?(record, entity, token_comparator)
    perform_sign_in!(record, sign_in_handler)
  end
end

#find_record_from_identifier(entity) ⇒ Object

# File 'lib/simple_token_authentication/token_authentication_handler.rb', line 54

def find_record_from_identifier(entity)
  email = entity.get_identifier_from_params_or_headers(self).presence

  email = integrate_with_devise_case_insensitive_keys(email)

  # The finder method should be compatible with all the model adapters,
  # namely ActiveRecord and Mongoid in all their supported versions.
  record = nil
  record = email && entity.model.where(email: email).first
end

#integrate_with_devise_case_insensitive_keys(email) ⇒ Object

Private: Take benefit from Devise case-insensitive keys

See github.com/plataformatec/devise/blob/v3.4.1/lib/generators/templates/devise.rb#L45-L48

email - the original email String

Returns an email String which case follows the Devise case-insensitive keys policy

# File 'lib/simple_token_authentication/token_authentication_handler.rb', line 72

def integrate_with_devise_case_insensitive_keys(email)
  email.downcase! if email && Devise.case_insensitive_keys.include?(:email)
  email
end

#perform_sign_in!(record, sign_in_handler) ⇒ Object

# File 'lib/simple_token_authentication/token_authentication_handler.rb', line 46

def perform_sign_in!(record, sign_in_handler)
  # Notice the store option defaults to false, so the record
  # identifier is not actually stored in the session and a token
  # is needed for every request. That behaviour can be configured
  # through the sign_in_token option.
  sign_in_handler.sign_in self, record, store: SimpleTokenAuthentication.sign_in_token
end

#sign_in_handler ⇒ Object

Private: Get one (always the same) object which behaves as a sign in handler

# File 'lib/simple_token_authentication/token_authentication_handler.rb', line 83

def sign_in_handler
  @@sign_in_handler ||= SignInHandler.new
end

#token_comparator ⇒ Object

Private: Get one (always the same) object which behaves as a token comprator

# File 'lib/simple_token_authentication/token_authentication_handler.rb', line 78

def token_comparator
  @@token_comparator ||= TokenComparator.new
end

#token_correct?(record, entity, token_comparator) ⇒ Boolean

Returns:

• (Boolean)

# File 'lib/simple_token_authentication/token_authentication_handler.rb', line 41

def token_correct?(record, entity, token_comparator)
  record && token_comparator.compare(record.authentication_token,
                                     entity.get_token_from_params_or_headers(self))
end