module TokenSecretAuth
Constants
- DEFAULT_SALT
salt for the id ONLY, optional config - even if user doesn't change this
the only possible leak is the id
- VERSION
Public Class Methods
configure() { |self| ... }
click to toggle source
recommended configuration: TokenSecretAuth.configure do |config|
config.id_salt = 'some appropriate saltiness'
end
# File lib/token_secret_auth/base.rb, line 20 def configure yield self @id_salt = DEFAULT_SALT if @id_salt.nil? set_hash_id_instance(@id_salt) end
hash_id()
click to toggle source
TokenSecretAuth.hash_id returns the stored instance of Hashids
used for generating any Token
# File lib/token_secret_auth/base.rb, line 12 def hash_id @hid end
id_salt=(salt)
click to toggle source
set salt for hashing IDs
# File lib/token_secret_auth/base.rb, line 27 def id_salt=(salt) @id_salt = salt end
included(base)
click to toggle source
# File lib/token_secret_auth/base.rb, line 78 def self.included(base) base.extend(ClassMethods) end
Protected Class Methods
set_hash_id_instance(salt)
click to toggle source
TokenSecretAuth.set_hash_id_instance call only once
# File lib/token_secret_auth/base.rb, line 33 def set_hash_id_instance(salt) @hid = Hashids.new(salt, 12) end
Public Instance Methods
generate_secret()
click to toggle source
the model can call this method to generate a new password for the user it should then encrypt this password for storage in db
# File lib/token_secret_auth/base.rb, line 90 def generate_secret self.password = self.class.generate_secret end
token()
click to toggle source
Returns the object's ID attribute encoded as a token
# File lib/token_secret_auth/base.rb, line 83 def token return nil if !id encode(id) end
Private Instance Methods
encode(value)
click to toggle source
# File lib/token_secret_auth/base.rb, line 100 def encode(value) TokenSecretAuth.hash_id.encode(value) end
secret_length()
click to toggle source
# File lib/token_secret_auth/base.rb, line 96 def secret_length @secret_length ||= 32 end