module Henlo::Revocable
This module allows tokens to be blacklisted, identified by their jti (JWT identifier). Blacklisted refresh tokens cannot be used to generate new id tokens.
Public Class Methods
token_blockt(payload, resource)
Called when the identifier encoded in the token payload does not match what was stored in the database, or when the user calls the revoke token route in cases of breach such as device loss. The token is blacklisted and the resource is flagged as needing blacklist checks.
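# File lib/henlo/revocable.rb, line 10
def self.token_blockt(payload, resource)
  # Flag the resource so its tokens are checked against the blacklist from now on
  resource.blacklist_check = true
  resource.save!
  # Store the token's jti together with its expiry (Unix seconds) for later cleanup
  blacklisted_token = BlacklistedToken.create(
    token_jti: payload["jti"],
    exp_in_unix: payload["exp"]
  )
end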
token_rekt()
Call this periodically in a scheduled task to clean expired tokens from the database.
# File lib/henlo/revocable.rb, line 22
def self.token_rekt
  BlacklistedToken.each do |token|
    # exp_in_unix holds the token's "exp" claim in Unix seconds, so compare integers
    token.destroy unless Time.now.utc.to_i < token.exp_in_unix
  end
end
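
The revoke, check and purge cycle described above, as an added example in plain Ruby; it is not Henlo's own code. An in-memory hash stands in for the BlacklistedToken table, and `RevocationStore`, `Resource`, `refresh_allowed?` and `purge_expired` are hypothetical names. It shows why purging is only safe once a token has passed its `exp`: from then on it is rejected on expiry alone.

```ruby
# Hypothetical stand-in for the resource (for example a user record).
Resource = Struct.new(:id, :blacklist_check)

# In-memory stand-in for the blacklist table: jti => exp (Unix seconds).
class RevocationStore
  def initialize
    @entries = {}
  end

  # Record the jti and flag the resource so later refreshes consult the list.
  def revoke(payload, resource)
    resource.blacklist_check = true
    @entries[payload.fetch("jti")] = Integer(payload.fetch("exp"))
  end

  # A refresh token is usable only if it has not expired and, for flagged
  # resources, its jti is not on the blacklist.
  def refresh_allowed?(payload, resource, now: Time.now.utc.to_i)
    return false if payload.fetch("exp") <= now
    return true unless resource.blacklist_check
    !@entries.key?(payload.fetch("jti"))
  end

  # Remove entries whose token has expired. Purging earlier than exp would
  # make a revoked token usable again. Returns the number of entries removed.
  def purge_expired(now: Time.now.utc.to_i)
    before = @entries.size
    @entries.delete_if { |_jti, exp| exp <= now }
    before - @entries.size
  end
end

NOW = 1_700_000_000 # constructed timestamp for the sample run

def demo
  store = RevocationStore.new
  user = Resource.new(1, false)
  # Constructed payloads: one token from a lost device, one still trusted.
  stolen = { "jti" => "jti-lost-phone", "exp" => NOW + 3600 }
  other  = { "jti" => "jti-laptop", "exp" => NOW + 3600 }
  store.revoke(stolen, user)
  {
    stolen_allowed: store.refresh_allowed?(stolen, user, now: NOW),
    other_allowed: store.refresh_allowed?(other, user, now: NOW),
    purged_early: store.purge_expired(now: NOW),
    purged_late: store.purge_expired(now: NOW + 3600),
    stolen_after_exp: store.refresh_allowed?(stolen, user, now: NOW + 3600)
  }
end
```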