better_record 0.19.9 → 0.19.10
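--- a/checksums.yaml
+++ b/checksums.yaml
@@ -1,7 +1,7 @@
 ---
 SHA256:
-metadata.gz:
-data.tar.gz:
+metadata.gz: 565899148bf26aa0a6bcc5a859a8ad7bddd663236795d912b86500f1dd23c098
+data.tar.gz: 646c14fb0e1b3223438c6f9544de291ae1112e01b358212bc8ffc1ff25455892
 SHA512:
-metadata.gz:
-data.tar.gz:
+metadata.gz: 8bbda81459dbbb205d48c18120fd9322d0bee1ae3add696bad443c37bcfb5f95190605527dd203542ab6a4d4b50f3e416a2b260fdd4e9e230f98ab0d9d1d76bf
+data.tar.gz: e90f178d07d262529cfe54dae781e7bb1de5d22cf7addda16f2ad7619e472cb4cba57e442ccf9341d2701db401718a6ed46d16035bdb308049e2338a02f3fd0c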
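--- a/data/lib/better_record.rb
+++ b/data/lib/better_record.rb
@@ -24,6 +24,7 @@ module BetterRecord
 :session_column,
 :session_data,
 :session_authenticate_method,
+:disallow_sessions,
 :certificate_session_class,
 :certificate_session_column,
 :certificate_session_user_method,
@@ -79,6 +80,7 @@ module BetterRecord
 self.certificate_is_hashed = Boolean.strict_parse(ENV.fetch('BR_CERTIFICATE_IS_HASHED') { false })
 self.certificate_cleaning_method = (ENV.fetch('BR_CERTIFICATE_CLEANING_METHOD') { :clean_certificate })&.to_sym
 self.certificate_cleaning_send_as_arg = Boolean.strict_parse(ENV.fetch('BR_CERTIFICATE_CLEANING_AS_ARG') { false })
+self.disallow_sessions = Boolean.strict_parse(ENV.fetch('BR_DISALLOW_SESSIONS') { false })
 self.token_decryption_method = (ENV.fetch('BR_TOKEN_DECRYPTION_METHOD') { '' }).presence&.to_sym
 self.token_encryption_method = (ENV.fetch('BR_TOKEN_ENCRYPTION_METHOD') { '' }).presence&.to_sym
 self.token_send_as_arg = Boolean.strict_parse(ENV.fetch('BR_TOKEN_AS_ARG') { false })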
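Review bot: The new `disallow_sessions` setting at new line 83 has no comment, and its default of `false` keeps the cookie-session fallback active unless an operator sets `BR_DISALLOW_SESSIONS`. A line above the assignment such as `# When true, current_token is not read from or stored in session[:current_user]; default false keeps the session fallback on` would make the security effect visible where the option is configured. Both hunks sit inside a module body that starts and ends outside the visible lines.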
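--- a/data/lib/better_record/jwt.rb
+++ b/data/lib/better_record/jwt.rb
@@ -73,7 +73,7 @@ module BetterRecord
 if logged_in?
 begin
 data = current_user_session_data
-if data[:
+if (data[:token_device_id] == requesting_device_id) || session[:current_user]
 if !data[:created_at] ||
 (data[:created_at].to_i > 14.days.ago.to_i)
 if user = session_class.find_by(session_column => data[:user_id])
@@ -106,7 +106,7 @@ module BetterRecord
 data = session_data ? session_data.call(user) : {
 user_id: user.__send__(session_column),
 created_at: Time.now.to_i,
-
+token_device_id: requesting_device_id
 }
 BetterRecord::JWT.encode(data.merge(additional_headers.except(*data.keys)))
 end
@@ -184,22 +184,26 @@ module BetterRecord
 @current_token ||= authenticate_with_http_token do |token, **options|
 decrypt_token(token, options).presence
 end
-else
-@current_token ||= session[:current_user]
 end
+
+@current_token ||= session[:current_user] unless BetterRecord.disallow_sessions
 end
 
 def current_token=(value)
 @current_token = value
+
 if use_bearer_token
 set_auth_header
-
+end
+
+unless BetterRecord.disallow_sessions
 if value.blank?
 session.delete(:current_user)
 else
 session[:current_user] = value
 end
 end
+
 @current_token
 end
 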
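Review bot: At new line 76 the device binding is skipped whenever `session[:current_user]` is truthy, and that branch is not gated by `BetterRecord.disallow_sessions`, so a token whose `token_device_id` differs from `requesting_device_id` is still accepted when any session value is present, including one left in a cookie from before the flag was enabled. The condition would be tighter as `if (data[:token_device_id] == requesting_device_id) || (!BetterRecord.disallow_sessions && session[:current_user])`. Note also that `token_device_id` is only written in the default hash at new line 109; with a custom `session_data` callable the claim may be absent, and the comparison then passes only when `requesting_device_id` is also nil, which looks worth an explicit presence check. The enclosing methods start and end outside these hunks.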