X-Git-Url: https://git.openstreetmap.org./rails.git/blobdiff_plain/20a861392e1ee7970da5d95b546aa8551faaf27b..fa93526f76cf08445e910a5f81053db1bed87d70:/app/models/oauth_token.rb diff --git a/app/models/oauth_token.rb b/app/models/oauth_token.rb index f64ec53db..ae15dc658 100644 --- a/app/models/oauth_token.rb +++ b/app/models/oauth_token.rb @@ -1,41 +1,72 @@ -class OauthToken < ActiveRecord::Base - belongs_to :client_application - belongs_to :user - validates_uniqueness_of :token - validates_presence_of :client_application, :token, :secret - before_validation_on_create :generate_keys - - def self.find_token(token_key) - token = OauthToken.find_by_token(token_key, :include => :client_application) - if token && token.authorized? - logger.info "Loaded #{token.token} which was authorized by (user_id=#{token.user_id}) on the #{token.authorized_at}" - token - else - nil - end - end - +# == Schema Information +# +# Table name: oauth_tokens +# +# id :integer not null, primary key +# user_id :integer +# type :string(20) +# client_application_id :integer +# token :string(50) +# secret :string(50) +# authorized_at :datetime +# invalidated_at :datetime +# created_at :datetime +# updated_at :datetime +# allow_read_prefs :boolean default(FALSE), not null +# allow_write_prefs :boolean default(FALSE), not null +# allow_write_diary :boolean default(FALSE), not null +# allow_write_api :boolean default(FALSE), not null +# allow_read_gpx :boolean default(FALSE), not null +# allow_write_gpx :boolean default(FALSE), not null +# callback_url :string +# verifier :string(20) +# scope :string +# valid_to :datetime +# allow_write_notes :boolean default(FALSE), not null +# +# Indexes +# +# index_oauth_tokens_on_token (token) UNIQUE +# index_oauth_tokens_on_user_id (user_id) +# +# Foreign Keys +# +# oauth_tokens_client_application_id_fkey (client_application_id => client_applications.id) +# oauth_tokens_user_id_fkey (user_id => users.id) +# + +class OauthToken < ApplicationRecord + belongs_to :client_application, :optional => true + belongs_to :user, :optional => true + + scope :authorized, -> { where("authorized_at IS NOT NULL and invalidated_at IS NULL") } + + validates :token, :presence => true, :uniqueness => true + validates :user, :associated => true + validates :client_application, :presence => true + + before_validation :generate_keys, :on => :create + def invalidated? invalidated_at != nil end - + def invalidate! - update_attribute(:invalidated_at, Time.now) + update(:invalidated_at => Time.now.utc) end - + def authorized? - authorized_at != nil && !invalidated? + !authorized_at.nil? && !invalidated? end - + def to_query "oauth_token=#{token}&oauth_token_secret=#{secret}" end - -protected - + + protected + def generate_keys - @oauth_token = client_application.oauth_server.generate_credentials - self.token = @oauth_token[0] - self.secret = @oauth_token[1] + self.token = OAuth::Helper.generate_key(40)[0, 40] + self.secret = OAuth::Helper.generate_key(40)[0, 40] end end