Browse Source
Refactors methods for searching a user by token.
git-svn-id: svn+ssh://rubyforge.org/var/svn/redmine/trunk@11296 e93f8b46-1217-0410-a6f0-8f06a7374b81tags/2.3.0
Jean-Philippe Lang
11 years ago
2 changed files with 22 additions and 13 deletions
+ 16
- 1
app/models/token.rb
View File
| @@ -37,11 +37,26 @@ class Token < ActiveRecord::Base | |||
| Token.delete_all ["action NOT IN (?) AND created_on < ?", ['feeds', 'api'], Time.now - @@validity_time] | |||
| end | |||
| private | |||
| # Returns the active user who owns the key for the given action | |||
| def self.find_active_user(action, key, validity_days=nil) | |||
| action = action.to_s | |||
| key = key.to_s | |||
| return nil unless action.present? && key =~ /\A[a-f0-9]+\z/ | |||
| token = find_by_action_and_value(action, key) | |||
| if token && token.user && token.user.active? | |||
| if validity_days.nil? || (token.created_on > validity_days.ago) | |||
| token.user | |||
| end | |||
| end | |||
| end | |||
| def self.generate_token_value | |||
| Redmine::Utils.random_hex(20) | |||
| end | |||
| private | |||
| # Removes obsolete tokens (same user and action) | |||
| def delete_previous_tokens | |||
| if user | |||
+ 6
- 12
app/models/user.rb
View File
| @@ -190,14 +190,10 @@ class User < Principal | |||
| # Returns the user who matches the given autologin +key+ or nil | |||
| def self.try_to_autologin(key) | |||
| tokens = Token.find_all_by_action_and_value('autologin', key.to_s) | |||
| # Make sure there's only 1 token that matches the key | |||
| if tokens.size == 1 | |||
| token = tokens.first | |||
| if (token.created_on > Setting.autologin.to_i.day.ago) && token.user && token.user.active? | |||
| token.user.update_column(:last_login_on, Time.now) | |||
| token.user | |||
| end | |||
| user = Token.find_active_user('autologin', key, Setting.autologin.to_i) | |||
| if user | |||
| user.update_column(:last_login_on, Time.now) | |||
| user | |||
| end | |||
| end | |||
| @@ -367,13 +363,11 @@ class User < Principal | |||
| end | |||
| def self.find_by_rss_key(key) | |||
| token = Token.find_by_action_and_value('feeds', key.to_s) | |||
| token && token.user.active? ? token.user : nil | |||
| Token.find_active_user('feeds', key) | |||
| end | |||
| def self.find_by_api_key(key) | |||
| token = Token.find_by_action_and_value('api', key.to_s) | |||
| token && token.user.active? ? token.user : nil | |||
| Token.find_active_user('api', key) | |||
| end | |||
| # Makes find_by_mail case-insensitive | |||
Loading…