Revocable sessions (#3616)
* feat: Revocable sessions * fix: Tests using sign_in * feat: Configuration entry for the maximum number of session activationsmaster
parent
3783cadf2d
commit
2211e8d1cd
@ -0,0 +1,38 @@ |
||||
# frozen_string_literal: true |
||||
# == Schema Information |
||||
# |
||||
# Table name: session_activations |
||||
# |
||||
# id :integer not null, primary key |
||||
# user_id :integer not null |
||||
# session_id :string not null |
||||
# created_at :datetime not null |
||||
# updated_at :datetime not null |
||||
# |
||||
|
||||
class SessionActivation < ApplicationRecord |
||||
LIMIT = Rails.configuration.x.max_session_activations |
||||
|
||||
def self.active?(id) |
||||
id && where(session_id: id).exists? |
||||
end |
||||
|
||||
def self.activate(id) |
||||
activation = create!(session_id: id) |
||||
purge_old |
||||
activation |
||||
end |
||||
|
||||
def self.deactivate(id) |
||||
return unless id |
||||
where(session_id: id).destroy_all |
||||
end |
||||
|
||||
def self.purge_old |
||||
order('created_at desc').offset(LIMIT).destroy_all |
||||
end |
||||
|
||||
def self.exclusive(id) |
||||
where('session_id != ?', id).destroy_all |
||||
end |
||||
end |
@ -0,0 +1,5 @@ |
||||
# frozen_string_literal: true |
||||
|
||||
Rails.application.configure do |
||||
config.x.max_session_activations = ENV['MAX_SESSION_ACTIVATIONS'] || 10 |
||||
end |
@ -0,0 +1,13 @@ |
||||
class CreateSessionActivations < ActiveRecord::Migration[5.1] |
||||
def change |
||||
create_table :session_activations do |t| |
||||
t.integer :user_id, null: false |
||||
t.string :session_id, null: false |
||||
|
||||
t.timestamps |
||||
end |
||||
|
||||
add_index :session_activations, :user_id |
||||
add_index :session_activations, :session_id, unique: true |
||||
end |
||||
end |
@ -0,0 +1,4 @@ |
||||
Fabricator(:session_activation) do |
||||
user_id 1 |
||||
session_id "MyString" |
||||
end |
@ -0,0 +1,5 @@ |
||||
require 'rails_helper' |
||||
|
||||
RSpec.describe SessionActivation, type: :model do |
||||
pending "add some examples to (or delete) #{__FILE__}" |
||||
end |
Loading…
Reference in new issue