mirror of
https://github.com/internetee/registry.git
synced 2025-06-05 04:07:33 +02:00
44 lines
1 KiB
Ruby
44 lines
1 KiB
Ruby
class AuthTokenCreator
|
|
DEFAULT_VALIDITY = 2.hours
|
|
|
|
attr_reader :user
|
|
attr_reader :key
|
|
attr_reader :expires_at
|
|
|
|
def self.create_with_defaults(user)
|
|
new(user, Rails.application.config.secret_key_base, Time.now + DEFAULT_VALIDITY)
|
|
end
|
|
|
|
def initialize(user, key, expires_at)
|
|
@user = user
|
|
@key = key
|
|
@expires_at = expires_at.utc.strftime('%F %T %Z')
|
|
end
|
|
|
|
def hashable
|
|
{
|
|
user_ident: user.registrant_ident,
|
|
user_username: user.username,
|
|
expires_at: expires_at,
|
|
}.to_json
|
|
end
|
|
|
|
def encrypted_token
|
|
encryptor = OpenSSL::Cipher::AES.new(256, :CBC)
|
|
encryptor.encrypt
|
|
|
|
# OpenSSL used to automatically shrink oversized keys, it does not do that any longer.
|
|
# See: https://github.com/ruby/openssl/issues/116
|
|
encryptor.key = key[0..31]
|
|
encrypted_bytes = encryptor.update(hashable) + encryptor.final
|
|
Base64.urlsafe_encode64(encrypted_bytes)
|
|
end
|
|
|
|
def token_in_hash
|
|
{
|
|
access_token: encrypted_token,
|
|
expires_at: expires_at,
|
|
type: 'Bearer',
|
|
}
|
|
end
|
|
end
|