X-Git-Url: https://git.openstreetmap.org./rails.git/blobdiff_plain/e660e609661edadc1ed5ad49d6e83e936b2f91cd..1d49b0d71df85ca7f6d049c2ccd2bed0999f2a79:/app/models/oauth_nonce.rb?ds=sidebyside diff --git a/app/models/oauth_nonce.rb b/app/models/oauth_nonce.rb index 3ae50d3a4..e0510dcbf 100644 --- a/app/models/oauth_nonce.rb +++ b/app/models/oauth_nonce.rb @@ -1,14 +1,13 @@ # Simple store of nonces. The OAuth Spec requires that any given pair of nonce and timestamps are unique. # Thus you can use the same nonce with a different timestamp and viceversa. class OauthNonce < ActiveRecord::Base - validates_presence_of :nonce, :timestamp - validates_uniqueness_of :nonce, :scope => :timestamp - - attr_accessible :nonce, :timestamp + validates :timestamp, :presence => true + validates :nonce, :presence => true, :uniqueness => { :scope => :timestamp } # Remembers a nonce and it's associated timestamp. It returns false if it has already been used def self.remember(nonce, timestamp) - oauth_nonce = OauthNonce.create(:nonce => nonce, :timestamp => timestamp) + return false if Time.now.to_i - timestamp.to_i > 86400 + oauth_nonce = OauthNonce.create(:nonce => nonce, :timestamp => timestamp.to_i) return false if oauth_nonce.new_record? oauth_nonce end