@@ -1,5 +1,5 | |||||
1 |
# |
|
1 | # Redmine - project management software | |
2 | # Copyright (C) 2006 Jean-Philippe Lang |
|
2 | # Copyright (C) 2006-2009 Jean-Philippe Lang | |
3 | # |
|
3 | # | |
4 | # This program is free software; you can redistribute it and/or |
|
4 | # This program is free software; you can redistribute it and/or | |
5 | # modify it under the terms of the GNU General Public License |
|
5 | # modify it under the terms of the GNU General Public License | |
@@ -19,6 +19,8 class Token < ActiveRecord::Base | |||||
19 | belongs_to :user |
|
19 | belongs_to :user | |
20 | validates_uniqueness_of :value |
|
20 | validates_uniqueness_of :value | |
21 |
|
21 | |||
|
22 | before_create :delete_previous_tokens | |||
|
23 | ||||
22 | @@validity_time = 1.day |
|
24 | @@validity_time = 1.day | |
23 |
|
25 | |||
24 | def before_create |
|
26 | def before_create | |
@@ -39,4 +41,11 private | |||||
39 | def self.generate_token_value |
|
41 | def self.generate_token_value | |
40 | ActiveSupport::SecureRandom.hex(20) |
|
42 | ActiveSupport::SecureRandom.hex(20) | |
41 | end |
|
43 | end | |
|
44 | ||||
|
45 | # Removes obsolete tokens (same user and action) | |||
|
46 | def delete_previous_tokens | |||
|
47 | if user | |||
|
48 | Token.delete_all(['user_id = ? AND action = ?', user.id, action]) | |||
|
49 | end | |||
|
50 | end | |||
42 | end |
|
51 | end |
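Review bot: `delete_previous_tokens` matches on `user_id` and `action` only, so it revokes earlier tokens for every token type, and the one-line comment above it does not say that this revocation is the intended rule. I would extend it to something like `# Revokes earlier tokens for the same user and action so only the newest one stays valid`. For `autologin`, the action used in the accompanying test, this means a second login replaces the token held by an earlier browser. The delete and the later insert are separate statements, so two concurrent creates could presumably each leave a row; if one live token per user and action is meant as an invariant, a unique index on `(user_id, action)` would enforce it. The Token class body starts and ends outside these hunks.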
@@ -1,5 +1,5 | |||||
1 |
# |
|
1 | # Redmine - project management software | |
2 |
# Copyright (C) 2006-200 |
|
2 | # Copyright (C) 2006-2009 Jean-Philippe Lang | |
3 | # |
|
3 | # | |
4 | # This program is free software; you can redistribute it and/or |
|
4 | # This program is free software; you can redistribute it and/or | |
5 | # modify it under the terms of the GNU General Public License |
|
5 | # modify it under the terms of the GNU General Public License | |
@@ -26,4 +26,13 class TokenTest < Test::Unit::TestCase | |||||
26 | assert_equal 40, token.value.length |
|
26 | assert_equal 40, token.value.length | |
27 | assert !token.expired? |
|
27 | assert !token.expired? | |
28 | end |
|
28 | end | |
|
29 | ||||
|
30 | def test_create_should_remove_existing_tokens | |||
|
31 | user = User.find(1) | |||
|
32 | t1 = Token.create(:user => user, :action => 'autologin') | |||
|
33 | t2 = Token.create(:user => user, :action => 'autologin') | |||
|
34 | assert_not_equal t1.value, t2.value | |||
|
35 | assert !Token.exists?(t1.id) | |||
|
36 | assert Token.exists?(t2.id) | |||
|
37 | end | |||
29 | end |
|
38 | end |
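Review bot: `test_create_should_remove_existing_tokens` only checks the same-user, same-action case, so it would still pass if the cleanup deleted too much. Since the new callback calls `Token.delete_all`, the test should also pin what must survive. Creating a token with a different action before `t1`, for example `other = Token.create(:user => user, :action => 'feeds')`, and ending with `assert Token.exists?(other.id)` would cover that. A similar assertion for a token belonging to another user would guard the `user_id` half of the condition.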