Commit 3fa0928d authored by jplang's avatar jplang

Refactors methods for searching a user by token.

git-svn-id: https://svn.redmine.org/redmine/trunk@11296 e93f8b46-1217-0410-a6f0-8f06a7374b81
parent 9150cfa5
......@@ -37,11 +37,26 @@ class Token < ActiveRecord::Base
Token.delete_all ["action NOT IN (?) AND created_on < ?", ['feeds', 'api'], Time.now - @@validity_time]
end
private
# Returns the active user who owns the key for the given action
def self.find_active_user(action, key, validity_days=nil)
action = action.to_s
key = key.to_s
return nil unless action.present? && key =~ /\A[a-f0-9]+\z/
token = find_by_action_and_value(action, key)
if token && token.user && token.user.active?
if validity_days.nil? || (token.created_on > validity_days.ago)
token.user
end
end
end
def self.generate_token_value
Redmine::Utils.random_hex(20)
end
private
# Removes obsolete tokens (same user and action)
def delete_previous_tokens
if user
......
......@@ -190,14 +190,10 @@ class User < Principal
# Returns the user who matches the given autologin +key+ or nil
def self.try_to_autologin(key)
tokens = Token.find_all_by_action_and_value('autologin', key.to_s)
# Make sure there's only 1 token that matches the key
if tokens.size == 1
token = tokens.first
if (token.created_on > Setting.autologin.to_i.day.ago) && token.user && token.user.active?
token.user.update_column(:last_login_on, Time.now)
token.user
end
user = Token.find_active_user('autologin', key, Setting.autologin.to_i)
if user
user.update_column(:last_login_on, Time.now)
user
end
end
......@@ -367,13 +363,11 @@ class User < Principal
end
def self.find_by_rss_key(key)
token = Token.find_by_action_and_value('feeds', key.to_s)
token && token.user.active? ? token.user : nil
Token.find_active_user('feeds', key)
end
def self.find_by_api_key(key)
token = Token.find_by_action_and_value('api', key.to_s)
token && token.user.active? ? token.user : nil
Token.find_active_user('api', key)
end
# Makes find_by_mail case-insensitive
......
Markdown is supported
0%
or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment