Refactors methods for searching a user by token.
git-svn-id: svn+ssh://rubyforge.org/var/svn/redmine/trunk@11296 e93f8b46-1217-0410-a6f0-8f06a7374b81
This commit is contained in:
parent
8b010e85e3
commit
9e0723c11b
|
@ -37,11 +37,26 @@ class Token < ActiveRecord::Base
|
|||
Token.delete_all ["action NOT IN (?) AND created_on < ?", ['feeds', 'api'], Time.now - @@validity_time]
|
||||
end
|
||||
|
||||
private
|
||||
# Returns the active user who owns the key for the given action
|
||||
def self.find_active_user(action, key, validity_days=nil)
|
||||
action = action.to_s
|
||||
key = key.to_s
|
||||
return nil unless action.present? && key =~ /\A[a-f0-9]+\z/
|
||||
|
||||
token = find_by_action_and_value(action, key)
|
||||
if token && token.user && token.user.active?
|
||||
if validity_days.nil? || (token.created_on > validity_days.ago)
|
||||
token.user
|
||||
end
|
||||
end
|
||||
end
|
||||
|
||||
def self.generate_token_value
|
||||
Redmine::Utils.random_hex(20)
|
||||
end
|
||||
|
||||
private
|
||||
|
||||
# Removes obsolete tokens (same user and action)
|
||||
def delete_previous_tokens
|
||||
if user
|
||||
|
|
|
@ -190,14 +190,10 @@ class User < Principal
|
|||
|
||||
# Returns the user who matches the given autologin +key+ or nil
|
||||
def self.try_to_autologin(key)
|
||||
tokens = Token.find_all_by_action_and_value('autologin', key.to_s)
|
||||
# Make sure there's only 1 token that matches the key
|
||||
if tokens.size == 1
|
||||
token = tokens.first
|
||||
if (token.created_on > Setting.autologin.to_i.day.ago) && token.user && token.user.active?
|
||||
token.user.update_column(:last_login_on, Time.now)
|
||||
token.user
|
||||
end
|
||||
user = Token.find_active_user('autologin', key, Setting.autologin.to_i)
|
||||
if user
|
||||
user.update_column(:last_login_on, Time.now)
|
||||
user
|
||||
end
|
||||
end
|
||||
|
||||
|
@ -367,13 +363,11 @@ class User < Principal
|
|||
end
|
||||
|
||||
def self.find_by_rss_key(key)
|
||||
token = Token.find_by_action_and_value('feeds', key.to_s)
|
||||
token && token.user.active? ? token.user : nil
|
||||
Token.find_active_user('feeds', key)
|
||||
end
|
||||
|
||||
def self.find_by_api_key(key)
|
||||
token = Token.find_by_action_and_value('api', key.to_s)
|
||||
token && token.user.active? ? token.user : nil
|
||||
Token.find_active_user('api', key)
|
||||
end
|
||||
|
||||
# Makes find_by_mail case-insensitive
|
||||
|
|
Loading…
Reference in New Issue