X-Git-Url: https://git.openstreetmap.org./rails.git/blobdiff_plain/8ae5d94b2f16d6f2cf1739e19ebc3793a18a0a4a..c8e21c409c9bec446f0caa2526d5b07861bb3299:/app/models/oauth_token.rb diff --git a/app/models/oauth_token.rb b/app/models/oauth_token.rb index 376ad7644..affdcdeb8 100644 --- a/app/models/oauth_token.rb +++ b/app/models/oauth_token.rb @@ -1,45 +1,72 @@ -class OauthToken < ActiveRecord::Base +# == Schema Information +# +# Table name: oauth_tokens +# +# id :integer not null, primary key +# user_id :integer +# type :string(20) +# client_application_id :integer +# token :string(50) +# secret :string(50) +# authorized_at :datetime +# invalidated_at :datetime +# created_at :datetime +# updated_at :datetime +# allow_read_prefs :boolean default(FALSE), not null +# allow_write_prefs :boolean default(FALSE), not null +# allow_write_diary :boolean default(FALSE), not null +# allow_write_api :boolean default(FALSE), not null +# allow_read_gpx :boolean default(FALSE), not null +# allow_write_gpx :boolean default(FALSE), not null +# callback_url :string +# verifier :string(20) +# scope :string +# valid_to :datetime +# allow_write_notes :boolean default(FALSE), not null +# +# Indexes +# +# index_oauth_tokens_on_token (token) UNIQUE +# index_oauth_tokens_on_user_id (user_id) +# +# Foreign Keys +# +# oauth_tokens_client_application_id_fkey (client_application_id => client_applications.id) +# oauth_tokens_user_id_fkey (user_id => users.id) +# + +class OauthToken < ApplicationRecord belongs_to :client_application belongs_to :user - scope :authorized, where("authorized_at IS NOT NULL and invalidated_at IS NULL") + scope :authorized, -> { where("authorized_at IS NOT NULL and invalidated_at IS NULL") } - validates_uniqueness_of :token - validates_presence_of :client_application, :token, :secret + validates :token, :presence => true, :uniqueness => true + validates :user, :associated => true + validates :client_application, :presence => true before_validation :generate_keys, :on => :create - - def self.find_token(token_key) - token = OauthToken.find_by_token(token_key, :include => :client_application) - if token && token.authorized? - logger.info "Loaded #{token.token} which was authorized by (user_id=#{token.user_id}) on the #{token.authorized_at}" - token - else - nil - end - end - + def invalidated? invalidated_at != nil end - + def invalidate! - update_attribute(:invalidated_at, Time.now) + update(:invalidated_at => Time.now) end - + def authorized? - authorized_at != nil && !invalidated? + !authorized_at.nil? && !invalidated? end - + def to_query "oauth_token=#{token}&oauth_token_secret=#{secret}" end - -protected - + + protected + def generate_keys - @oauth_token = client_application.oauth_server.generate_credentials - self.token = @oauth_token[0] - self.secret = @oauth_token[1] + self.token = OAuth::Helper.generate_key(40)[0, 40] + self.secret = OAuth::Helper.generate_key(40)[0, 40] end end