authorJean-Philippe Lang <jp_lang@yahoo.fr>2013-02-02 08:46:58 +0000
committerJean-Philippe Lang <jp_lang@yahoo.fr>2013-02-02 08:46:58 +0000
commit9e0723c11b929ebe53f897d18a25466b8b80849a (patch)
tree4cad57476950f57615636c0d43f4013b52475e8f /app/models
parent8b010e85e362245eece363682895fa0c445dc83b (diff)
Refactors methods for searching a user by token.
git-svn-id: svn+ssh://rubyforge.org/var/svn/redmine/trunk@11296 e93f8b46-1217-0410-a6f0-8f06a7374b81
Diffstat (limited to 'app/models')
-rw-r--r--app/models/token.rb17
-rw-r--r--app/models/user.rb18
2 files changed, 22 insertions, 13 deletions
diff --git a/app/models/token.rb b/app/models/token.rb
index 1627b7587..c14175ea8 100644
--- a/app/models/token.rb
+++ b/app/models/token.rb
@@ -37,11 +37,26 @@ class Token < ActiveRecord::Base
Token.delete_all ["action NOT IN (?) AND created_on < ?", ['feeds', 'api'], Time.now - @@validity_time]
end
-private
+ # Returns the active user who owns the key for the given action
+ def self.find_active_user(action, key, validity_days=nil)
+ action = action.to_s
+ key = key.to_s
+ return nil unless action.present? && key =~ /\A[a-f0-9]+\z/
+
+ token = find_by_action_and_value(action, key)
+ if token && token.user && token.user.active?
+ if validity_days.nil? || (token.created_on > validity_days.ago)
+ token.user
+ end
+ end
+ end
+
def self.generate_token_value
Redmine::Utils.random_hex(20)
end
+ private
+
# Removes obsolete tokens (same user and action)
def delete_previous_tokens
if user
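Review bot: The expiry check in `find_active_user` calls `validity_days.ago` on a value the caller in user.rb passes as a plain integer (`Setting.autologin.to_i`), whereas the code it replaces used `.day.ago`. On ActiveSupport versions that define `Numeric#ago`, a bare integer is read as seconds, so an autologin token would be treated as expired after N seconds rather than N days; on versions without it the call would raise. I would write the condition as `if validity_days.nil? || (token.created_on > validity_days.days.ago)` and add a test with a token that is a few hours old.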
diff --git a/app/models/user.rb b/app/models/user.rb
index 05f4bd706..ec3cc3fc5 100644
--- a/app/models/user.rb
+++ b/app/models/user.rb
@@ -190,14 +190,10 @@ class User < Principal
# Returns the user who matches the given autologin +key+ or nil
def self.try_to_autologin(key)
- tokens = Token.find_all_by_action_and_value('autologin', key.to_s)
- # Make sure there's only 1 token that matches the key
- if tokens.size == 1
- token = tokens.first
- if (token.created_on > Setting.autologin.to_i.day.ago) && token.user && token.user.active?
- token.user.update_column(:last_login_on, Time.now)
- token.user
- end
+ user = Token.find_active_user('autologin', key, Setting.autologin.to_i)
+ if user
+ user.update_column(:last_login_on, Time.now)
+ user
end
end
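Review bot: The rewritten `try_to_autologin` no longer rejects a key that matches more than one token. The removed lines required `tokens.size == 1`, while `Token.find_active_user` accepts whichever row `find_by_action_and_value` returns first. Nothing in this diff shows a unique index or validation on (action, value), so if duplicates are possible, the first match's user would be logged in silently. Either keep the ambiguity check inside `find_active_user`, or document why it is not needed with a comment such as `# token values are unique per action (enforced by <constraint — name it here>)`.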
@@ -367,13 +363,11 @@ class User < Principal
end
def self.find_by_rss_key(key)
- token = Token.find_by_action_and_value('feeds', key.to_s)
- token && token.user.active? ? token.user : nil
+ Token.find_active_user('feeds', key)
end
def self.find_by_api_key(key)
- token = Token.find_by_action_and_value('api', key.to_s)
- token && token.user.active? ? token.user : nil
+ Token.find_active_user('api', key)
end
# Makes find_by_mail case-insensitive
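Review bot: `find_by_rss_key` and `find_by_api_key` have no comment, and delegating to `Token.find_active_user` changes their contract in two ways. A key that is not lowercase hex now returns nil before any lookup, and a token whose user is missing returns nil where the old `token.user.active?` would have raised. Because these keys act as credentials, each method should say so in one line, e.g. `# Returns the active user owning the given API key, or nil (also for malformed keys)`. It is also worth confirming that no previously issued keys fall outside `[a-f0-9]`, since they would now stop working.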