main
1class Session < ActiveRecord::Base
2 belongs_to :user
3 before_create :create_key
4
5 def access(request)
6 self.ip_address = request.remote_ip
7 if save
8 {
9 value: self.key,
10 httponly: true,
11 secure: Rails.env.production? || Rails.env.staging?,
12 expires: 2.weeks.from_now
13 }
14 else
15 raise "heck"
16 end
17 end
18
19 def revoke!
20 update_attribute(:revoked_at, Time.now.utc)
21 end
22
23 class << self
24 def active
25 where(revoked_at: nil)
26 end
27
28 def authenticate!(session_key)
29 active.find_by!(key: session_key)
30 end
31 end
32
33 private
34
35 def create_key
36 self.key = SecureRandom.uuid
37 end
38end