-class OauthToken < ActiveRecord::Base
- belongs_to :client_application
- belongs_to :user
- validates_uniqueness_of :token
- validates_presence_of :client_application, :token, :secret
+# == Schema Information
+# Table name: oauth_tokens
+# id :integer not null, primary key
+# user_id :integer
+# type :string(20)
+# client_application_id :integer
+# token :string(50)
+# secret :string(50)
+# authorized_at :datetime
+# invalidated_at :datetime
+# created_at :datetime
+# updated_at :datetime
+# allow_read_prefs :boolean default(FALSE), not null
+# allow_write_prefs :boolean default(FALSE), not null
+# allow_write_diary :boolean default(FALSE), not null
+# allow_write_api :boolean default(FALSE), not null
+# allow_read_gpx :boolean default(FALSE), not null
+# allow_write_gpx :boolean default(FALSE), not null
+# callback_url :string
+# verifier :string(20)
+# scope :string
+# valid_to :datetime
+# allow_write_notes :boolean default(FALSE), not null
+# Indexes
+# index_oauth_tokens_on_token (token) UNIQUE
+# index_oauth_tokens_on_user_id (user_id)
+# Foreign Keys
+# oauth_tokens_client_application_id_fkey (client_application_id => client_applications.id)
+# oauth_tokens_user_id_fkey (user_id => users.id)
+class OauthToken < ApplicationRecord
+ belongs_to :client_application, :optional => true
+ belongs_to :user, :optional => true
+ scope :authorized, -> { where("authorized_at IS NOT NULL and invalidated_at IS NULL") }
+ validates :token, :presence => true, :uniqueness => true
+ validates :user, :associated => true
+ validates :client_application, :presence => true
before_validation :generate_keys, :on => :create
- def self.find_token(token_key)
- token = OauthToken.find_by_token(token_key, :include => :client_application)
- if token && token.authorized?
- logger.info "Loaded #{token.token} which was authorized by (user_id=#{token.user_id}) on the #{token.authorized_at}"
- token
- else
- nil
- end
- end
def invalidated?
invalidated_at != nil
def invalidate!
- update_attribute(:invalidated_at, Time.now)
+ update(:invalidated_at => Time.now)
def authorized?
- authorized_at != nil && !invalidated?
+ !authorized_at.nil? && !invalidated?
def to_query
+ protected
def generate_keys
- @oauth_token = client_application.oauth_server.generate_credentials
- self.token = @oauth_token[0]
- self.secret = @oauth_token[1]
+ self.token = OAuth::Helper.generate_key(40)[0, 40]
+ self.secret = OAuth::Helper.generate_key(40)[0, 40]