class Clearance::Session

Represents a clearance session, ultimately persisted in ‘request.env` by {RackSession}.

Public Class Methods

new(env) click to toggle source

@param env The current rack environment

# File lib/clearance/session.rb, line 8
def initialize(env)
  @env = env
  @current_user = nil
  @cookies = nil
end

Public Instance Methods

authentication_successful?() click to toggle source

True if a successful authentication has been performed

@return [Boolean]

# File lib/clearance/session.rb, line 98
def authentication_successful?
  !!@current_user
end
current_user() click to toggle source

The current user represented by this session.

@return [User, nil]

# File lib/clearance/session.rb, line 26
def current_user
  if remember_token.present?
    @current_user ||= user_from_remember_token(remember_token)
  end

  @current_user
end
sign_in(user, &block) click to toggle source

Sign the provided user in, if approved by the configured sign in guards. If the sign in guard stack returns {SuccessStatus}, the {#current_user} will be set and then remember token cookie will be set to the user’s remember token. If the stack returns {FailureStatus}, {#current_user} will be nil.

In either event, the resulting status will be yielded to a provided block, if provided. See {SessionsController#create} for an example of how this can be used.

@param [User] user @yieldparam [SuccessStatus,FailureStatus] status Result of the sign in

operation.

@return [void]

# File lib/clearance/session.rb, line 48
def sign_in(user, &block)
  @current_user = user
  status = run_sign_in_stack

  if status.success?
    # Sign in succeeded, and when {RackSession} is run and calls
    # {#add_cookie_to_headers} it will set the cookie with the
    # remember_token for the current_user
  else
    @current_user = nil
  end

  if block_given?
    block.call(status)
  end
end
sign_out() click to toggle source

Invalidates the users remember token and removes the remember token cookie from the store. The invalidation of the remember token causes any other sessions that are signed in from other locations to also be invalidated on their next request. This is because all Clearance sessions for a given user share a remember token.

@return [void]

# File lib/clearance/session.rb, line 72
def sign_out
  if signed_in?
    current_user.reset_remember_token!
  end

  @current_user = nil
  cookies.delete remember_token_cookie, delete_cookie_options
end
signed_in?() click to toggle source

True if {#current_user} is set.

@return [Boolean]

# File lib/clearance/session.rb, line 84
def signed_in?
  current_user.present?
end
signed_out?() click to toggle source

True if {#current_user} is not set

@return [Boolean]

# File lib/clearance/session.rb, line 91
def signed_out?
  ! signed_in?
end

Private Instance Methods

cookies() click to toggle source

@api private

# File lib/clearance/session.rb, line 105
def cookies
  @cookies ||= ActionDispatch::Request.new(@env).cookie_jar
end
domain() click to toggle source

@api private

# File lib/clearance/session.rb, line 194
def domain
  if configured_cookie_domain.respond_to?(:call)
    configured_cookie_domain.call(request_with_env)
  else
    configured_cookie_domain
  end
end
expires_configuration() click to toggle source

@api private

# File lib/clearance/session.rb, line 148
def expires_configuration
  Clearance.configuration.cookie_expiration
end
initialize_sign_in_guard_stack() click to toggle source

@api private

# File lib/clearance/session.rb, line 164
def initialize_sign_in_guard_stack
  default_guard = DefaultSignInGuard.new(self)
  guards = Clearance.configuration.sign_in_guards

  guards.inject(default_guard) do |stack, guard_class|
    guard_class.to_s.constantize.new(self, stack)
  end
end
remember_token() click to toggle source

@api private

# File lib/clearance/session.rb, line 121
def remember_token
  case Clearance.configuration.signed_cookie
  when true
    cookies.signed[remember_token_cookie]
  when :migrate
    cookies.signed[remember_token_cookie] || cookies[remember_token_cookie]
  when false
    cookies[remember_token_cookie]
  end
end
remember_token_expires() click to toggle source

@api private

# File lib/clearance/session.rb, line 133
def remember_token_expires
  expires_configuration.call(cookies)
end
request_with_env() click to toggle source

@api private

# File lib/clearance/session.rb, line 208
def request_with_env
  ActionDispatch::Request.new(@env)
end
run_sign_in_stack() click to toggle source

@api private

# File lib/clearance/session.rb, line 158
def run_sign_in_stack
  @stack ||= initialize_sign_in_guard_stack
  @stack.call
end
set_remember_token(token) click to toggle source

@api private

# File lib/clearance/session.rb, line 110
def set_remember_token(token)
  case Clearance.configuration.signed_cookie
  when true, :migrate
    cookies.signed[remember_token_cookie] = cookie_options(token)
  when false
    cookies[remember_token_cookie] = cookie_options(token)
  end
  remember_token
end
signed_in_with_remember_token?() click to toggle source

@api private

# File lib/clearance/session.rb, line 138
def signed_in_with_remember_token?
  current_user&.remember_token
end
user_from_remember_token(token) click to toggle source

@api private

# File lib/clearance/session.rb, line 153
def user_from_remember_token(token)
  Clearance.configuration.user_model.where(remember_token: token).first
end