RubyGems - crypt_ident - Versions diffs - 0.2.1 - Mend

crypt_ident 0.2.1

Files changed (85) hide show

checksums.yaml +7 -0
data/.gitignore +8 -0
data/.rubocop.yml +29 -0
data/.ruby-version +1 -0
data/.travis.yml +7 -0
data/.yardopts +16 -0
data/CODE_OF_CONDUCT.md +74 -0
data/Gemfile +6 -0
data/Gemfile.lock +263 -0
data/Guardfile +26 -0
data/HISTORY.md +22 -0
data/LICENSE.txt +21 -0
data/README.md +548 -0
data/Rakefile +93 -0
data/bin/_guard-core +29 -0
data/bin/bundle +105 -0
data/bin/byebug +29 -0
data/bin/code_climate_reek +29 -0
data/bin/coderay +29 -0
data/bin/commonmarker +29 -0
data/bin/console +14 -0
data/bin/erubis +29 -0
data/bin/flay +29 -0
data/bin/flog +29 -0
data/bin/github-markup +29 -0
data/bin/guard +29 -0
data/bin/inch +29 -0
data/bin/kwalify +29 -0
data/bin/listen +29 -0
data/bin/pry +29 -0
data/bin/rackup +29 -0
data/bin/rake +29 -0
data/bin/redcarpet +29 -0
data/bin/reek +29 -0
data/bin/rubocop +29 -0
data/bin/ruby-parse +29 -0
data/bin/ruby-rewrite +29 -0
data/bin/ruby_parse +29 -0
data/bin/ruby_parse_extract_error +29 -0
data/bin/sequel +29 -0
data/bin/setup +34 -0
data/bin/sparkr +29 -0
data/bin/term_cdiff +29 -0
data/bin/term_colortab +29 -0
data/bin/term_decolor +29 -0
data/bin/term_display +29 -0
data/bin/term_mandel +29 -0
data/bin/term_snow +29 -0
data/bin/thor +29 -0
data/bin/yard +29 -0
data/bin/yardoc +29 -0
data/bin/yri +29 -0
data/config.reek +19 -0
data/crypt_ident.gemspec +80 -0
data/docs/CryptIdent.html +2276 -0
data/docs/_index.html +116 -0
data/docs/class_list.html +51 -0
data/docs/css/common.css +1 -0
data/docs/css/full_list.css +58 -0
data/docs/css/style.css +496 -0
data/docs/file.CODE_OF_CONDUCT.html +145 -0
data/docs/file.HISTORY.html +91 -0
data/docs/file.LICENSE.html +70 -0
data/docs/file.README.html +692 -0
data/docs/file_list.html +71 -0
data/docs/frames.html +17 -0
data/docs/index.html +692 -0
data/docs/js/app.js +292 -0
data/docs/js/full_list.js +216 -0
data/docs/js/jquery.js +4 -0
data/docs/method_list.html +115 -0
data/docs/top-level-namespace.html +110 -0
data/lib/crypt_ident.rb +13 -0
data/lib/crypt_ident/change_password.rb +184 -0
data/lib/crypt_ident/config.rb +47 -0
data/lib/crypt_ident/generate_reset_token.rb +212 -0
data/lib/crypt_ident/reset_password.rb +207 -0
data/lib/crypt_ident/session_expired.rb +91 -0
data/lib/crypt_ident/sign_in.rb +189 -0
data/lib/crypt_ident/sign_out.rb +96 -0
data/lib/crypt_ident/sign_up.rb +160 -0
data/lib/crypt_ident/update_session_expiry.rb +125 -0
data/lib/crypt_ident/version.rb +6 -0
data/scripts/build-gem-list.rb +91 -0
metadata +547 -0

@@ -0,0 +1,2276 @@
+<!DOCTYPE html>
+<html>
+  <head>
+    <meta charset="utf-8">
+<meta name="viewport" content="width=device-width, initial-scale=1.0">
+<title>
+  Module: CryptIdent
+    &mdash; crypt_ident Module Documentation
+</title>
+  <link rel="stylesheet" href="css/style.css" type="text/css" charset="utf-8" />
+  <link rel="stylesheet" href="css/common.css" type="text/css" charset="utf-8" />
+<script type="text/javascript" charset="utf-8">
+  pathId = "CryptIdent";
+  relpath = '';
+</script>
+  <script type="text/javascript" charset="utf-8" src="js/jquery.js"></script>
+  <script type="text/javascript" charset="utf-8" src="js/app.js"></script>
+  </head>
+  <body>
+    <div class="nav_wrap">
+      <iframe id="nav" src="class_list.html?1"></iframe>
+      <div id="resizer"></div>
+    </div>
+    <div id="main" tabindex="-1">
+      <div id="header">
+        <div id="menu">
+    <a href="_index.html">Index (C)</a> &raquo;
+    <span class="title">CryptIdent</span>
+</div>
+        <div id="search">
+    <a class="full_list_link" id="class_list_link"
+        href="class_list.html">
+        <svg width="24" height="24">
+          <rect x="0" y="4" width="24" height="4" rx="1" ry="1"></rect>
+          <rect x="0" y="12" width="24" height="4" rx="1" ry="1"></rect>
+          <rect x="0" y="20" width="24" height="4" rx="1" ry="1"></rect>
+        </svg>
+    </a>
+</div>
+        <div class="clear"></div>
+      </div>
+      <div id="content"><h1>Module: CryptIdent
+</h1>
+<div class="box_info">
+  <dl>
+      <dt>Extended by:</dt>
+      <dd>Dry::Configurable</dd>
+  </dl>
+  <dl>
+    <dt>Defined in:</dt>
+    <dd>lib/crypt_ident/config.rb<span class="defines">,<br />
+  lib/crypt_ident/sign_in.rb,<br /> lib/crypt_ident/sign_up.rb,<br /> lib/crypt_ident/version.rb,<br /> lib/crypt_ident/sign_out.rb,<br /> lib/crypt_ident/reset_password.rb,<br /> lib/crypt_ident/change_password.rb,<br /> lib/crypt_ident/session_expired.rb,<br /> lib/crypt_ident/generate_reset_token.rb,<br /> lib/crypt_ident/update_session_expiry.rb</span>
+</dd>
+  </dl>
+</div>
+<h2>Overview</h2><div class="docstring">
+  <div class="discussion">
+    <p>Include and interact with <code>CryptIdent</code> to add authentication to a
+Hanami controller action.</p>
+<p>Note the emphasis on <em>controller action</em>; this module interacts with session
+data, which is quite theoretically possible in an Interactor but practically
+<em>quite</em> the PITA. YHBW.</p>
+  </div>
+</div>
+<div class="tags">
+<p class="tag_title">Author:</p>
+<ul class="author">
+    <li>
+        <div class='inline'><p>Jeff Dickey</p>
+</div>
+    </li>
+</ul>
+<p class="tag_title">Version:</p>
+<ul class="version">
+    <li>
+        <div class='inline'><p>0.2.0</p>
+</div>
+    </li>
+</ul>
+</div>
+    <h2>
+      Constant Summary
+      <small><a href="#" class="constants_summary_toggle">collapse</a></small>
+    </h2>
+    <dl class="constants">
+        <dt id="VERSION-constant" class="">VERSION =
+          <div class="docstring">
+  <div class="discussion">
+    <p>Version number for Gem. Uses Semantic Versioning.</p>
+  </div>
+</div>
+<div class="tags">
+</div>
+        </dt>
+        <dd><pre class="code"><span class='tstring'><span class='tstring_beg'>&#39;</span><span class='tstring_content'>0.2.1</span><span class='tstring_end'>&#39;</span></span></pre></dd>
+    </dl>
+    <h2>
+      Instance Method Summary
+      <small><a href="#" class="summary_toggle">collapse</a></small>
+    </h2>
+    <ul class="summary">
+        <li class="public ">
+  <span class="summary_signature">
+      <a href="#change_password-instance_method" title="#change_password (instance method)">#<strong>change_password</strong>(user_in, current_password, new_password) {|result| ... } </a>
+  </span>
+    <span class="summary_desc"><div class='inline'><p>Change an Authenticated User&#39;s password.</p>
+</div></span>
+</li>
+        <li class="public ">
+  <span class="summary_signature">
+      <a href="#generate_reset_token-instance_method" title="#generate_reset_token (instance method)">#<strong>generate_reset_token</strong>(user_name, current_user: nil) {|result| ... } </a>
+  </span>
+    <span class="summary_desc"><div class='inline'><p>Generate a Password Reset Token.</p>
+</div></span>
+</li>
+        <li class="public ">
+  <span class="summary_signature">
+      <a href="#reset_password-instance_method" title="#reset_password (instance method)">#<strong>reset_password</strong>(token, new_password, current_user: nil) {|result| ... } </a>
+  </span>
+    <span class="summary_desc"><div class='inline'><p>Reset the password for the User associated with a Password Reset Token.</p>
+</div></span>
+</li>
+        <li class="public ">
+  <span class="summary_signature">
+      <a href="#session_expired%3F-instance_method" title="#session_expired? (instance method)">#<strong>session_expired?</strong>(session_data = {})  &#x21d2; Boolean </a>
+  </span>
+    <span class="summary_desc"><div class='inline'><p>Determine whether the Session has Expired due to User inactivity.</p>
+</div></span>
+</li>
+        <li class="public ">
+  <span class="summary_signature">
+      <a href="#sign_in-instance_method" title="#sign_in (instance method)">#<strong>sign_in</strong>(user_in, password, current_user: nil) {|result| ... } </a>
+  </span>
+    <span class="summary_desc"><div class='inline'><p>Attempt to Authenticate a User, passing in an Entity for that User (which <strong>must</strong> contain a <code>password_hash</code> attribute), and a Clear-Text Password.</p>
+</div></span>
+</li>
+        <li class="public ">
+  <span class="summary_signature">
+      <a href="#sign_out-instance_method" title="#sign_out (instance method)">#<strong>sign_out</strong>(current_user:) {|result| ... } </a>
+  </span>
+    <span class="summary_desc"><div class='inline'><p>Sign out a previously Authenticated User.</p>
+</div></span>
+</li>
+        <li class="public ">
+  <span class="summary_signature">
+      <a href="#sign_up-instance_method" title="#sign_up (instance method)">#<strong>sign_up</strong>(attribs, current_user:) {|result| ... } </a>
+  </span>
+    <span class="summary_desc"><div class='inline'><p>Persist a new User to a Repository based on passed-in attributes, where the resulting Entity (on success) contains a  <code>:password_hash</code> attribute containing the encrypted value of a <strong>random</strong> Clear-Text Password; any <code>password</code> value within <code>attribs</code> is ignored.</p>
+</div></span>
+</li>
+        <li class="public ">
+  <span class="summary_signature">
+      <a href="#update_session_expiry-instance_method" title="#update_session_expiry (instance method)">#<strong>update_session_expiry</strong>(session_data = {})  &#x21d2; Hash </a>
+  </span>
+    <span class="summary_desc"><div class='inline'><p>Generate a Hash containing an updated Session Expiration timestamp, which can then be used for session management.</p>
+</div></span>
+</li>
+    </ul>
+  <div id="instance_method_details" class="method_details_list">
+    <h2>Instance Method Details</h2>
+      <div class="method_details first">
+  <h3 class="signature first" id="change_password-instance_method">
+    #<strong>change_password</strong>(user_in, current_password, new_password) {|result| ... }
+</h3><div class="docstring">
+  <div class="discussion">
+    <p class="note returns_void">This method returns an undefined value.</p><p>Change an Authenticated User&#39;s password.</p>
+<p>To change an Authenticated User&#39;s password, an Entity for that User, the
+current Clear-Text Password, and the new Clear-Text Password are required.
+The method accepts an optional <code>repo</code> parameter to specify a Repository
+instance to which the updated User Entity should be persisted; if none is
+specified (i.e., if the parameter has its default value of <code>nil</code>), then the
+<code>UserRepository</code> specified in the Configuration is used.</p>
+<p>The method <em>requires</em> a block, to which a <code>result</code> indicating success or
+failure is yielded. That block <strong>must</strong> in turn call <strong>both</strong>
+<code>result.success</code> and <code>result.failure</code> to handle success and failure results,
+respectively. On success, the block yielded to by <code>result.success</code> is called
+and passed a <code>user:</code> parameter, which is identical to the <code>user</code> parameter
+passed in to <code>#change_password</code> <em>except</em> that the <code>:password_hash</code> attribute
+has been updated to reflect the changed password. The updated value for the
+encrypted password will also have been saved to the Repository.</p>
+<p>On failure, the <code>result.failure</code> call will yield a <code>code:</code> parameter to its
+block, which indicates the cause of failure as follows:</p>
+<p>If the specified password <em>did not</em> match the passed-in <code>user</code> Entity, then
+the <code>code:</code> for failure will be <code>:bad_password</code>.</p>
+<p>If the specified <code>user</code> was <em>other than</em> a User Entity representing a
+Registered User, then the <code>code:</code> for failure will be <code>:invalid_user</code>.</p>
+<p>Note that no check for the Current User is done here; this method trusts the
+Controller Action Class that (possibly indirectly) invokes it to guard that
+contingency properly.</p>
+  </div>
+</div>
+<div class="tags">
+  <div class="examples">
+    <p class="tag_title">Examples:</p>
+        <p class="example_title"><div class='inline'><p>for a Controller Action Class (refactor in real use; demo only)</p>
+</div></p>
+      <pre class="example code"><code><span class='kw'>def</span> <span class='id identifier rubyid_call'>call</span><span class='lparen'>(</span><span class='id identifier rubyid_params'>params</span><span class='rparen'>)</span>
+  <span class='id identifier rubyid_user_in'>user_in</span> <span class='op'>=</span> <span class='id identifier rubyid_session'>session</span><span class='lbracket'>[</span><span class='symbol'>:current_user</span><span class='rbracket'>]</span>
+  <span class='id identifier rubyid_error_code'>error_code</span> <span class='op'>=</span> <span class='symbol'>:unassigned</span>
+  <span class='id identifier rubyid_config'>config</span> <span class='op'>=</span> <span class='const'><span class='object_link'><a href="" title="CryptIdent (module)">CryptIdent</a></span></span><span class='period'>.</span><span class='id identifier rubyid_config'>config</span>
+  <span class='id identifier rubyid_change_password'>change_password</span><span class='lparen'>(</span><span class='id identifier rubyid_user_in'>user_in</span><span class='comma'>,</span> <span class='id identifier rubyid_params'>params</span><span class='lbracket'>[</span><span class='symbol'>:password</span><span class='rbracket'>]</span><span class='comma'>,</span>
+                  <span class='id identifier rubyid_params'>params</span><span class='lbracket'>[</span><span class='symbol'>:new_password</span><span class='rbracket'>]</span><span class='rparen'>)</span> <span class='kw'>do</span> <span class='op'>|</span><span class='id identifier rubyid_result'>result</span><span class='op'>|</span>
+    <span class='id identifier rubyid_result'>result</span><span class='period'>.</span><span class='id identifier rubyid_success'>success</span> <span class='kw'>do</span> <span class='op'>|</span><span class='label'>user:</span><span class='op'>|</span>
+      <span class='ivar'>@user</span> <span class='op'>=</span> <span class='id identifier rubyid_user'>user</span>
+      <span class='id identifier rubyid_flash'>flash</span><span class='lbracket'>[</span><span class='id identifier rubyid_config'>config</span><span class='period'>.</span><span class='id identifier rubyid_success_key'>success_key</span><span class='rbracket'>]</span> <span class='op'>=</span> <span class='tstring'><span class='tstring_beg'>&quot;</span><span class='tstring_content'>User </span><span class='embexpr_beg'>#{</span><span class='id identifier rubyid_user'>user</span><span class='period'>.</span><span class='id identifier rubyid_name'>name</span><span class='embexpr_end'>}</span><span class='tstring_content'> password changed.</span><span class='tstring_end'>&quot;</span></span>
+      <span class='id identifier rubyid_redirect_to'>redirect_to</span> <span class='id identifier rubyid_routes'>routes</span><span class='period'>.</span><span class='id identifier rubyid_root_path'>root_path</span>
+    <span class='kw'>end</span>
+    <span class='id identifier rubyid_result'>result</span><span class='period'>.</span><span class='id identifier rubyid_failure'>failure</span> <span class='kw'>do</span> <span class='op'>|</span><span class='label'>code:</span><span class='op'>|</span>
+      <span class='id identifier rubyid_flash'>flash</span><span class='lbracket'>[</span><span class='id identifier rubyid_config'>config</span><span class='period'>.</span><span class='id identifier rubyid_error_key'>error_key</span><span class='rbracket'>]</span> <span class='op'>=</span> <span class='id identifier rubyid_error_message_for'>error_message_for</span><span class='lparen'>(</span><span class='id identifier rubyid_code'>code</span><span class='rparen'>)</span>
+    <span class='kw'>end</span>
+  <span class='kw'>end</span>
+<span class='kw'>end</span>
+<span class='id identifier rubyid_private'>private</span>
+<span class='kw'>def</span> <span class='id identifier rubyid_error_message_for'>error_message_for</span><span class='lparen'>(</span><span class='id identifier rubyid_code'>code</span><span class='rparen'>)</span>
+  <span class='comment'># ...
+</span><span class='kw'>end</span></code></pre>
+  </div>
+<p class="tag_title">Parameters:</p>
+<ul class="param">
+    <li>
+        <span class='name'>user_in</span>
+        <span class='type'>(<tt>User</tt>)</span>
+        &mdash;
+        <div class='inline'><p>The User Entity from which to get the valid Encrypted
+Password and other non-Password attributes</p>
+</div>
+    </li>
+    <li>
+        <span class='name'>current_password</span>
+        <span class='type'>(<tt>String</tt>)</span>
+        &mdash;
+        <div class='inline'><p>The current Clear-Text Password for the
+specified User</p>
+</div>
+    </li>
+    <li>
+        <span class='name'>new_password</span>
+        <span class='type'>(<tt>String</tt>)</span>
+        &mdash;
+        <div class='inline'><p>The new Clear-Text Password to encrypt and add
+to the returned Entity, and persist to the Repository</p>
+</div>
+    </li>
+</ul>
+<p class="tag_title">Yield Parameters:</p>
+<ul class="yieldparam">
+    <li>
+        <span class='name'>result</span>
+        <span class='type'>(<tt>Dry::Matcher::Evaluator</tt>)</span>
+        &mdash;
+        <div class='inline'><p>Indicates whether the attempt
+to create a new User succeeded or failed. Block <strong>must</strong>
+call <strong>both</strong> <code>result.success</code> and <code>result.failure</code> methods,
+where the block passed to <code>result.success</code> accepts a parameter
+for <code>user:</code> (which is the newly-created User Entity). The
+block passed to <code>result.failure</code> accepts a parameter for
+<code>code:</code>, which is a Symbol reporting the reason for the
+failure (as described above).</p>
+</div>
+    </li>
+</ul>
+<p class="tag_title">Yield Returns:</p>
+<ul class="yieldreturn">
+    <li>
+        <span class='type'>(<tt>void</tt>)</span>
+        &mdash;
+        <div class='inline'><p>Use the <code>result.success</code> and <code>result.failure</code>
+method-call blocks to retrieve data from the method.</p>
+</div>
+    </li>
+</ul>
+<p class="tag_title">Since:</p>
+<ul class="since">
+    <li>
+        <div class='inline'><p>0.1.0</p>
+</div>
+    </li>
+</ul>
+<p class="tag_title">Required Authentication Status:</p>
+<ul class="authenticated">
+    <li>
+        <div class='inline'><p>Must be Authenticated.</p>
+</div>
+    </li>
+</ul>
+<p class="tag_title">Session Data Interacted With:</p>
+<ul class="session_data">
+    <li>
+        <div class='inline'><p>Implies that <code>:current_user</code> <strong>must</strong> be an Entity for a Registered User</p>
+</div>
+    </li>
+</ul>
+<p class="tag_title">Ubiquitous Language Terms:</p>
+<ul class="ubiq_lang">
+    <li>
+        <div class='inline'><ul>
+<li>Authentication</li>
+<li>Clear-Text Password</li>
+<li>Encrypted Password</li>
+<li>Entity</li>
+<li>Guest User</li>
+<li>Registered User</li>
+<li>Repository</li>
+</ul>
+</div>
+    </li>
+</ul>
+</div><table class="source_code">
+  <tr>
+    <td>
+      <pre class="lines">
+103
+104
+105
+106
+107
+108</pre>
+    </td>
+    <td>
+      <pre class="code"><span class="info file"># File 'lib/crypt_ident/change_password.rb', line 103</span>
+<span class='kw'>def</span> <span class='id identifier rubyid_change_password'>change_password</span><span class='lparen'>(</span><span class='id identifier rubyid_user_in'>user_in</span><span class='comma'>,</span> <span class='id identifier rubyid_current_password'>current_password</span><span class='comma'>,</span> <span class='id identifier rubyid_new_password'>new_password</span><span class='rparen'>)</span>
+  <span class='id identifier rubyid_call_params'>call_params</span> <span class='op'>=</span> <span class='lbracket'>[</span><span class='id identifier rubyid_current_password'>current_password</span><span class='comma'>,</span> <span class='id identifier rubyid_new_password'>new_password</span><span class='rbracket'>]</span>
+  <span class='const'>ChangePassword</span><span class='period'>.</span><span class='id identifier rubyid_new'>new</span><span class='lparen'>(</span><span class='label'>user:</span> <span class='id identifier rubyid_user_in'>user_in</span><span class='rparen'>)</span><span class='period'>.</span><span class='id identifier rubyid_call'>call</span><span class='lparen'>(</span><span class='op'>*</span><span class='id identifier rubyid_call_params'>call_params</span><span class='rparen'>)</span> <span class='kw'>do</span> <span class='op'>|</span><span class='id identifier rubyid_result'>result</span><span class='op'>|</span>
+    <span class='kw'>yield</span> <span class='id identifier rubyid_result'>result</span>
+  <span class='kw'>end</span>
+<span class='kw'>end</span></pre>
+    </td>
+  </tr>
+</table>
+</div>
+      <div class="method_details ">
+  <h3 class="signature " id="generate_reset_token-instance_method">
+    #<strong>generate_reset_token</strong>(user_name, current_user: nil) {|result| ... }
+</h3><div class="docstring">
+  <div class="discussion">
+    <p class="note returns_void">This method returns an undefined value.</p><p>Generate a Password Reset Token</p>
+<p>Password Reset Tokens are useful for verifying that the person requesting a
+Password Reset for an existing User is sufficiently likely to be the person
+who Registered that User or, if not, that no compromise or other harm is
+done.</p>
+<p>Typically, this is done by sending a link through email or other such medium
+to the address previously associated with the User purportedly requesting
+the Password Reset. <code>CryptIdent</code> <em>does not</em> automate generation or sending
+of the email message. What it <em>does</em> provide is a method to generate a new
+Password Reset Token to be embedded into an HTML anchor link within an email
+that you construct, and then another method (<code>#reset_password</code>) to actually
+change the password given a valid, correct token.</p>
+<p>It also implements an expiry system, such that if the confirmation of the
+Password Reset request is not completed within a configurable time, that the
+token is no longer valid (and so cannot be later reused by unauthorised
+persons).</p>
+<p>This method <em>requires</em> a block, to which a <code>result</code> indicating success or
+failure is yielded. That block <strong>must</strong> in turn call <strong>both</strong>
+<code>result.success</code> and <code>result.failure</code> to handle success and failure results,
+respectively. On success, the block yielded to by <code>result.success</code> is called
+and passed a <code>user:</code> parameter, which is identical to the <code>user</code> parameter
+passed in to <code>#generate_reset_token</code> <em>except</em> that the <code>:token</code> and
+<code>:password_reset_expires_at</code> attributes have been updated to reflect the
+token request. An updated record matching that <code>:user</code> Entity will also have
+been saved to the Repository.</p>
+<p>On failure, the <code>result.failure</code> call will yield three parameters: <code>:code</code>,
+<code>:current_user</code>, and <code>:name</code>, and will be set as follows:</p>
+<p>If the <code>:code</code> value is <code>:user_logged_in</code>, that indicates that the
+<code>current_user</code> parameter to this method represented a Registered User. In
+this event, the <code>:current_user</code> value passed in to the <code>result.failure</code> call
+will be the same User Entity passed into the method, and the <code>:name</code> value
+will be <code>:unassigned</code>.</p>
+<p>If the <code>:code</code> value is <code>:user_not_found</code>, the named User was not found in
+the Repository. The <code>:current_user</code> parameter will be the Guest User Entity,
+and the <code>:name</code> parameter to the <code>result.failure</code> block will be the
+<code>user_name</code> value passed into the method.</p>
+  </div>
+</div>
+<div class="tags">
+  <div class="examples">
+    <p class="tag_title">Examples:</p>
+        <p class="example_title"><div class='inline'><p>Demonstrating a (refactorable) Controller Action Class #call method</p>
+</div></p>
+      <pre class="example code"><code>
+def call(params)
+  config = CryptIdent.config
+  # Remember that reading an Entity stored in session data will in fact
+  #   return a *Hash of its attribute values*. This is acceptable.
+  other_params = { current_user: session[:current_user] }
+  generate_reset_token(params[:name], other_params) do |result|
+    result.success do |user:|
+      @user = user
+      flash[config.success_key] = &#39;Request for #{user.name} sent&#39;
+    end
+    result.failure do |code:, current_user:, name:| do
+      respond_to_error(code, current_user, name)
+    end
+  end
+end
+private
+def respond_to_error(code, current_user, name)
+  # ...
+end</code></pre>
+  </div>
+<p class="tag_title">Parameters:</p>
+<ul class="param">
+    <li>
+        <span class='name'>user_name</span>
+        <span class='type'>(<tt>String</tt>)</span>
+        &mdash;
+        <div class='inline'><p>The name of the User for whom a Password Reset
+Token is to be generated.</p>
+</div>
+    </li>
+    <li>
+        <span class='name'>current_user</span>
+        <span class='type'>(<tt>User</tt>, <tt>Hash</tt>)</span>
+        &mdash;
+        <div class='inline'><p>Entity representing the currently
+Authenticated User Entity. This <strong>must</strong> be a Registered
+User, either as an Entity or as a Hash of attributes.</p>
+</div>
+    </li>
+</ul>
+<p class="tag_title">Yield Parameters:</p>
+<ul class="yieldparam">
+    <li>
+        <span class='name'>result</span>
+        <span class='type'>(<tt>Dry::Matcher::Evaluator</tt>)</span>
+        &mdash;
+        <div class='inline'><p>Indicates whether the attempt
+to generate a new Reset Token succeeded or failed. The lock
+<strong>must</strong> call <strong>both</strong> <code>result.success</code> and <code>result.failure</code>
+methods, where the block passed to <code>result.success</code> accepts a
+parameter for <code>user:</code>, which is a User Entity with the
+specified <code>name</code> value as well as non-<code>nil</code> values for its
+<code>:token</code> and <code>:password_reset_expires_at</code> attributes. The
+block passed to <code>result.failure</code> accepts parameters for
+<code>code:</code>, <code>current_user:</code>, and <code>name</code> as described above.</p>
+</div>
+    </li>
+</ul>
+<p class="tag_title">Yield Returns:</p>
+<ul class="yieldreturn">
+    <li>
+        <span class='type'>(<tt>void</tt>)</span>
+        &mdash;
+        <div class='inline'><p>Use the <code>result.success</code> and <code>result.failure</code>
+method-call blocks to retrieve data from the method.</p>
+</div>
+    </li>
+</ul>
+<p class="tag_title">Since:</p>
+<ul class="since">
+    <li>
+        <div class='inline'><p>0.1.0</p>
+</div>
+    </li>
+</ul>
+<p class="tag_title">Required Authentication Status:</p>
+<ul class="authenticated">
+    <li>
+        <div class='inline'><p>Must not be Authenticated.</p>
+</div>
+    </li>
+</ul>
+<p class="tag_title">Session Data Interacted With:</p>
+<ul class="session_data">
+    <li>
+        <div class='inline'><p><code>:current_user</code> <strong>must not</strong> be a Registered User.</p>
+</div>
+    </li>
+</ul>
+<p class="tag_title">Ubiquitous Language Terms:</p>
+<ul class="ubiq_lang">
+    <li>
+        <div class='inline'><ul>
+<li>Authentication</li>
+<li>Guest User</li>
+<li>Password Reset Token</li>
+<li>Registered User</li>
+</ul>
+</div>
+    </li>
+</ul>
+</div><table class="source_code">
+  <tr>
+    <td>
+      <pre class="lines">
+113
+114
+115
+116
+117
+118</pre>
+    </td>
+    <td>
+      <pre class="code"><span class="info file"># File 'lib/crypt_ident/generate_reset_token.rb', line 113</span>
+<span class='kw'>def</span> <span class='id identifier rubyid_generate_reset_token'>generate_reset_token</span><span class='lparen'>(</span><span class='id identifier rubyid_user_name'>user_name</span><span class='comma'>,</span> <span class='label'>current_user:</span> <span class='kw'>nil</span><span class='rparen'>)</span>
+  <span class='id identifier rubyid_other_params'>other_params</span> <span class='op'>=</span> <span class='lbrace'>{</span> <span class='label'>current_user:</span> <span class='id identifier rubyid_current_user'>current_user</span> <span class='rbrace'>}</span>
+  <span class='const'>GenerateResetToken</span><span class='period'>.</span><span class='id identifier rubyid_new'>new</span><span class='period'>.</span><span class='id identifier rubyid_call'>call</span><span class='lparen'>(</span><span class='id identifier rubyid_user_name'>user_name</span><span class='comma'>,</span> <span class='id identifier rubyid_other_params'>other_params</span><span class='rparen'>)</span> <span class='kw'>do</span> <span class='op'>|</span><span class='id identifier rubyid_result'>result</span><span class='op'>|</span>
+    <span class='kw'>yield</span> <span class='id identifier rubyid_result'>result</span>
+  <span class='kw'>end</span>
+<span class='kw'>end</span></pre>
+    </td>
+  </tr>
+</table>
+</div>
+      <div class="method_details ">
+  <h3 class="signature " id="reset_password-instance_method">
+    #<strong>reset_password</strong>(token, new_password, current_user: nil) {|result| ... }
+</h3><div class="docstring">
+  <div class="discussion">
+    <p class="note returns_void">This method returns an undefined value.</p><p>Reset the password for the User associated with a Password Reset Token.</p>
+<p>After a Password Reset Token has been
+<a href="#generate_reset_token-instance_method">generated</a> and sent to a User, that
+User would then exercise the Client system and perform a Password Reset.</p>
+<p>Calling <code>#reset_password</code> is different than calling <code>#change_password</code> in
+one vital respect: with <code>#change_password</code>, the User involved <strong>must</strong> be
+the Current User (as presumed by passing the appropriate User Entity in as
+the <code>current_user:</code> parameter), whereas <code>#reset_password</code> <strong>must not</strong> be
+called with <em>any</em> User other than the Guest User as the <code>current_user:</code>
+parameter (and, again presumably, the Current User for the session). How can
+we assure ourselves that the request is legitimate for a specific User? By
+use of the Token generated by a previous call to <code>#generate_reset_token</code>,
+which is used <em>in place of</em> a User Name for this request.</p>
+<p>Given a valid set of parameters, and given that the updated User is
+successfully persisted, the method calls the <strong>required</strong> block with a
+<code>result</code> whose <code>result.success</code> matcher is yielded a <code>user:</code> parameter with
+the updated User as its value.</p>
+<p>NOTE: Each of the error returns documented below calls the <strong>required</strong>
+block with a <code>result</code> whose <code>result.failure</code> matcher is yielded a <code>code:</code>
+parameter as described, and a <code>token:</code> parameter that has the same value
+as the passed-in <code>token</code> parameter.</p>
+<p>If the passed-in <code>token</code> parameter matches the <code>token</code> field of a record in
+the Repository <em>and</em> that Token is determined to have Expired, then the
+<code>code:</code> parameter mentioned earlier will have the value <code>:expired_token</code>.</p>
+<p>If the passed-in <code>token</code> parameter <em>does not</em> match the <code>token</code> field of any
+record in the Repository, then the <code>code:</code> parameter will have the value
+<code>:token_not_found</code>.</p>
+<p>If the passed-in <code>current_user:</code> parameter is a Registered User, then the
+<code>code:</code> parameter will have the value <code>:invalid_current_user</code>.</p>
+<p>In no event are session values, including the Current User, changed. After a
+successful Password Reset, the User must Authenticate as usual.</p>
+  </div>
+</div>
+<div class="tags">
+  <div class="examples">
+    <p class="tag_title">Examples:</p>
+      <pre class="example code"><code>def call(params)
+  reset_password(params[:token], params[:new_password],
+                 current_user: session[:current_user]) do |result
+    result.success do |user:|
+      @user = user
+      message = &quot;Password for #{user.name} successfully reset.&quot;
+      flash[CryptIdent.config.success_key] = message
+      redirect_to routes.root_path
+    end
+    result.failure do |code:, token:|
+      failure_key = CryptIdent.config.failure_key
+      flash[failure_key] = failure_message_for(code, token)
+    end
+  end
+end
+private
+def failure_message_for(code, token)
+  # ...
+end</code></pre>
+  </div>
+<p class="tag_title">Parameters:</p>
+<ul class="param">
+    <li>
+        <span class='name'>token</span>
+        <span class='type'>(<tt>String</tt>)</span>
+        &mdash;
+        <div class='inline'><p>The Password Reset Token previously communicated to
+the User.</p>
+</div>
+    </li>
+    <li>
+        <span class='name'>new_password</span>
+        <span class='type'>(<tt>String</tt>)</span>
+        &mdash;
+        <div class='inline'><p>New Clear-Text Password to encrypt and add to
+return value</p>
+</div>
+    </li>
+</ul>
+<p class="tag_title">Yield Parameters:</p>
+<ul class="yieldparam">
+    <li>
+        <span class='name'>result</span>
+        <span class='type'>(<tt>Dry::Matcher::Evaluator</tt>)</span>
+        &mdash;
+        <div class='inline'><p>Indicates whether the attempt
+to generate a new Reset Token succeeded or failed. The lock
+<strong>must</strong> call <strong>both</strong> <code>result.success</code> and <code>result.failure</code>
+methods, where the block passed to <code>result.success</code> accepts a
+parameter for <code>user:</code>, which is a User Entity with the
+specified <code>name</code> value as well as non-<code>nil</code> values for its
+<code>:token</code> and <code>:password_reset_expires_at</code> attributes. The
+block passed to <code>result.failure</code> accepts parameters for
+<code>code:</code>, <code>current_user:</code>, and <code>name</code> as described above.</p>
+</div>
+    </li>
+</ul>
+<p class="tag_title">Yield Returns:</p>
+<ul class="yieldreturn">
+    <li>
+        <span class='type'>(<tt>void</tt>)</span>
+        &mdash;
+        <div class='inline'><p>Use the <code>result.success</code> and <code>result.failure</code>
+method-call blocks to retrieve data from the method.</p>
+</div>
+    </li>
+</ul>
+<p class="tag_title">Since:</p>
+<ul class="since">
+    <li>
+        <div class='inline'><p>0.1.0</p>
+</div>
+    </li>
+</ul>
+<p class="tag_title">Required Authentication Status:</p>
+<ul class="authenticated">
+    <li>
+        <div class='inline'><p>Must not be Authenticated.</p>
+</div>
+    </li>
+</ul>
+<p class="tag_title">Session Data Interacted With:</p>
+<ul class="session_data">
+    <li>
+        <div class='inline'><p><code>:current_user</code> <strong>must not</strong> be a Registered User.</p>
+</div>
+    </li>
+</ul>
+<p class="tag_title">Ubiquitous Language Terms:</p>
+<ul class="ubiq_lang">
+    <li>
+        <div class='inline'><ul>
+<li>Authentication</li>
+<li>Clear-Text Password</li>
+<li>Encrypted Password</li>
+<li>Password Reset Token</li>
+<li>Registered User</li>
+</ul>
+</div>
+    </li>
+</ul>
+</div><table class="source_code">
+  <tr>
+    <td>
+      <pre class="lines">
+111
+112
+113
+114
+115
+116</pre>
+    </td>
+    <td>
+      <pre class="code"><span class="info file"># File 'lib/crypt_ident/reset_password.rb', line 111</span>
+<span class='kw'>def</span> <span class='id identifier rubyid_reset_password'>reset_password</span><span class='lparen'>(</span><span class='id identifier rubyid_token'>token</span><span class='comma'>,</span> <span class='id identifier rubyid_new_password'>new_password</span><span class='comma'>,</span> <span class='label'>current_user:</span> <span class='kw'>nil</span><span class='rparen'>)</span>
+  <span class='id identifier rubyid_other_params'>other_params</span> <span class='op'>=</span> <span class='lbrace'>{</span> <span class='label'>current_user:</span> <span class='id identifier rubyid_current_user'>current_user</span> <span class='rbrace'>}</span>
+  <span class='const'>ResetPassword</span><span class='period'>.</span><span class='id identifier rubyid_new'>new</span><span class='period'>.</span><span class='id identifier rubyid_call'>call</span><span class='lparen'>(</span><span class='id identifier rubyid_token'>token</span><span class='comma'>,</span> <span class='id identifier rubyid_new_password'>new_password</span><span class='comma'>,</span> <span class='id identifier rubyid_other_params'>other_params</span><span class='rparen'>)</span> <span class='kw'>do</span> <span class='op'>|</span><span class='id identifier rubyid_result'>result</span><span class='op'>|</span>
+    <span class='kw'>yield</span> <span class='id identifier rubyid_result'>result</span>
+  <span class='kw'>end</span>
+<span class='kw'>end</span></pre>
+    </td>
+  </tr>
+</table>
+</div>
+      <div class="method_details ">
+  <h3 class="signature " id="session_expired?-instance_method">
+    #<strong>session_expired?</strong>(session_data = {})  &#x21d2; <tt>Boolean</tt>
+</h3><div class="docstring">
+  <div class="discussion">
+    <p>Determine whether the Session has Expired due to User inactivity.</p>
+<p>This is one of two methods in <code>CryptIdent</code> (the other being
+<a href="#update_session_expiry"><code>#update_session_expiry?</code></a>) which <em>does not</em> follow
+the <code>result</code>/success/failure <a href="#interfaces">monad workflow</a>. This is because
+there is no success/failure division in the workflow. Calling the method
+determines if the Current User session has Expired. If the passed-in
+<code>:current_user</code> is a Registered User, then this will return <code>true</code> if the
+current time is <em>later than</em> the passed-in <code>:expires_at</code> value; for the
+Guest User, it should always return <code>false</code>. (Guest User sessions never
+expire; after all, what would you change the session state to?).</p>
+<p>The client code is responsible for applying these values to its own actual
+session data, as described by the sample session-management code shown in
+the README.</p>
+  </div>
+</div>
+<div class="tags">
+  <div class="examples">
+    <p class="tag_title">Examples:</p>
+        <p class="example_title"><div class='inline'><p>As used in module included by Controller Action Class (see README)</p>
+</div></p>
+      <pre class="example code"><code><span class='kw'>def</span> <span class='id identifier rubyid_validate_session'>validate_session</span>
+  <span class='id identifier rubyid_updates'>updates</span> <span class='op'>=</span> <span class='id identifier rubyid_update_session_expiry'>update_session_expiry</span><span class='lparen'>(</span><span class='id identifier rubyid_session'>session</span><span class='rparen'>)</span>
+  <span class='kw'>if</span> <span class='op'>!</span><span class='id identifier rubyid_session_expired?'>session_expired?</span><span class='lparen'>(</span><span class='id identifier rubyid_session'>session</span><span class='rparen'>)</span>
+    <span class='id identifier rubyid_session'>session</span><span class='lbracket'>[</span><span class='symbol'>:expires_at</span><span class='rbracket'>]</span> <span class='op'>=</span> <span class='id identifier rubyid_updates'>updates</span><span class='lbracket'>[</span><span class='symbol'>:expires_at</span><span class='rbracket'>]</span>
+    <span class='kw'>return</span>
+  <span class='kw'>end</span>
+  <span class='comment'># ... sign out and redirect appropriately ...
+</span><span class='kw'>end</span></code></pre>
+  </div>
+<p class="tag_title">Parameters:</p>
+<ul class="param">
+    <li>
+        <span class='name'>session_data</span>
+        <span class='type'>(<tt>Hash</tt>)</span>
+        <em class="default">(defaults to: <tt>{}</tt>)</em>
+        &mdash;
+        <div class='inline'><p>The Rack session data of interest to the method.
+If the <code>:current_user</code> entry is defined, it <strong>must</strong> be either
+a User Entity or <code>nil</code>, signifying the Guest User. If the
+<code>:expires_at</code> entry is defined, its value in the returned Hash
+<em>will</em> be different.</p>
+</div>
+    </li>
+</ul>
+<p class="tag_title">Returns:</p>
+<ul class="return">
+    <li>
+        <span class='type'>(<tt>Boolean</tt>)</span>
+    </li>
+</ul>
+<p class="tag_title">Since:</p>
+<ul class="since">
+    <li>
+        <div class='inline'><p>0.1.0</p>
+</div>
+    </li>
+</ul>
+<p class="tag_title">Required Authentication Status:</p>
+<ul class="authenticated">
+    <li>
+        <div class='inline'><p>Must be Authenticated.</p>
+</div>
+    </li>
+</ul>
+<p class="tag_title">Session Data Interacted With:</p>
+<ul class="session_data">
+    <li>
+        <div class='inline'><p><code>:current_user</code> <strong>must</strong> be an Entity for a Registered User on entry
+<code>:expires_at</code>   read during determination of expiry status</p>
+</div>
+    </li>
+</ul>
+<p class="tag_title">Ubiquitous Language Terms:</p>
+<ul class="ubiq_lang">
+    <li>
+        <div class='inline'><ul>
+<li>Authentication</li>
+<li>Current User</li>
+<li>Guest User</li>
+<li>Registered User</li>
+<li>Session Expiration</li>
+</ul>
+</div>
+    </li>
+</ul>
+</div><table class="source_code">
+  <tr>
+    <td>
+      <pre class="lines">
+58
+59
+60</pre>
+    </td>
+    <td>
+      <pre class="code"><span class="info file"># File 'lib/crypt_ident/session_expired.rb', line 58</span>
+<span class='kw'>def</span> <span class='id identifier rubyid_session_expired?'>session_expired?</span><span class='lparen'>(</span><span class='id identifier rubyid_session_data'>session_data</span> <span class='op'>=</span> <span class='lbrace'>{</span><span class='rbrace'>}</span><span class='rparen'>)</span>
+  <span class='const'>SessionExpired</span><span class='period'>.</span><span class='id identifier rubyid_new'>new</span><span class='period'>.</span><span class='id identifier rubyid_call'>call</span><span class='lparen'>(</span><span class='id identifier rubyid_session_data'>session_data</span><span class='rparen'>)</span>
+<span class='kw'>end</span></pre>
+    </td>
+  </tr>
+</table>
+</div>
+      <div class="method_details ">
+  <h3 class="signature " id="sign_in-instance_method">
+    #<strong>sign_in</strong>(user_in, password, current_user: nil) {|result| ... }
+</h3><div class="docstring">
+  <div class="discussion">
+    <p class="note returns_void">This method returns an undefined value.</p><p>Attempt to Authenticate a User, passing in an Entity for that User (which
+<strong>must</strong> contain a <code>password_hash</code> attribute), and a Clear-Text Password.
+It also passes in the Current User.</p>
+<p>If the Current User is not a Registered User, then Authentication of the
+specified User Entity against the specified Password is accomplished by
+comparing the User Entity&#39;s <code>password_hash</code> attribute to the passed-in
+Clear-Text Password.</p>
+<p>The method <em>requires</em> a block, to which a <code>result</code> indicating success or
+failure is yielded. That block <strong>must</strong> in turn call <strong>both</strong>
+<code>result.success</code> and <code>result.failure</code> to handle success and failure results,
+respectively. On success, the block yielded to by <code>result.success</code> is called
+and passed a <code>user:</code> parameter, which is the Authenticated User (and is the
+same Entity as the <code>user</code> parameter passed in to <code>#sign_in</code>).</p>
+<p>On failure, the <code>result.failure</code> call will yield a <code>code:</code> parameter to its
+block, which indicates the cause of failure as follows:</p>
+<p>If the specified password <em>did not</em> match the passed-in <code>user</code> Entity, then
+the <code>code:</code> for failure will be <code>:invalid_password</code>.</p>
+<p>If the specified <code>user</code> was not a Registered User, then the <code>code:</code> for
+failure will be <code>:user_is_guest</code>.</p>
+<p>If the specified <code>current_user</code> is <em>neither</em> the Guest User <em>nor</em> the <code>user</code>
+passed in as a parameter to <code>#sign_in</code>, then the <code>code:</code> for failure will be
+<code>:illegal_current_user</code>.</p>
+<p>On <em>success,</em> the Controller-level client code <strong>must</strong> set:</p>
+<ul>
+<li><code>session[:expires_at]</code> to the expiration time for the session. This is
+ordinarily computed by adding the current time as returned by <code>Time.now</code>
+to the <code>:session_expiry</code> value in the current configuration.</li>
+<li><code>session[:current_user]</code> to tne returned <em>Entity</em> for the successfully
+Authenticated User. This is to eliminate possible repeated reads of the
+Repository.</li>
+</ul>
+<p>On <em>failure,</em> the Controller-level client code <strong>should</strong> set:</p>
+<ul>
+<li><code>session[:expires_at]</code> to some sufficiently-past time to <em>always</em> trigger
+<code>#session_expired?</code>; <code>Hanami::Utils::Kernel.Time(0)</code> does this quite well
+(returning midnight GMT on 1 January 1970, converted to local time).</li>
+<li><code>session[:current_user]</code> to either <code>nil</code> or the Guest User.</li>
+</ul>
+  </div>
+</div>
+<div class="tags">
+  <div class="examples">
+    <p class="tag_title">Examples:</p>
+        <p class="example_title"><div class='inline'><p>As in a Controller Action Class (which you&#39;d refactor somewhat):</p>
+</div></p>
+      <pre class="example code"><code>def call(params)
+  user = UserRepository.new.find_by_email(params[:email])
+  guest_user = CryptIdent.config.guest_user
+  return update_session_data(guest_user, 0) unless user
+  current_user = session[:current_user]
+  config = CryptIdent.config
+  sign_in(user, params[:password], current_user: current_user) do |result|
+    result.success do |user:|
+      @user = user
+      update_session_data(user, Time.now)
+      flash[config.success_key] = &quot;User #{user.name} signed in.&quot;
+      redirect_to routes.root_path
+    end
+    result.failure do |code:|
+      update_session_data(guest_user, config, 0)
+      flash[config.error_key] = error_message_for(code)
+    end
+  end
+private
+def error_message_for(code)
+  # ...
+end
+def update_session_data(user, time)
+  session[:current_user] = user
+  expiry = Time.now + CryptIdent.config.session_expiry
+  session[:expires_at] == Hanami::Utils::Kernel.Time(expiry)
+end</code></pre>
+  </div>
+<p class="tag_title">Parameters:</p>
+<ul class="param">
+    <li>
+        <span class='name'>user_in</span>
+        <span class='type'>(<tt>User</tt>)</span>
+        &mdash;
+        <div class='inline'><p>Entity representing a User to be Authenticated.</p>
+</div>
+    </li>
+    <li>
+        <span class='name'>password</span>
+        <span class='type'>(<tt>String</tt>)</span>
+        &mdash;
+        <div class='inline'><p>Claimed Clear-Text Password for the specified User.</p>
+</div>
+    </li>
+    <li>
+        <span class='name'>current_user</span>
+        <span class='type'>(<tt>User</tt>, <tt>nil</tt>)</span>
+        &mdash;
+        <div class='inline'><p>Entity representing the currently
+Authenticated User Entity; either <code>nil</code> or the Guest User if
+none.</p>
+</div>
+    </li>
+</ul>
+<p class="tag_title">Yield Parameters:</p>
+<ul class="yieldparam">
+    <li>
+        <span class='name'>result</span>
+        <span class='type'>(<tt>Dry::Matcher::Evaluator</tt>)</span>
+        &mdash;
+        <div class='inline'><p>Indicates whether the attempt
+to Authenticate a User succeeded or failed. Block <strong>must</strong>
+call <strong>both</strong> <code>result.success</code> and <code>result.failure</code> methods,
+where the block passed to <code>result.success</code> accepts a parameter
+for <code>user:</code> (which is the newly-created User Entity). The
+block passed to <code>result.failure</code> accepts a parameter for
+<code>code:</code>, which is a Symbol reporting the reason for the
+failure (as described above).</p>
+</div>
+    </li>
+</ul>
+<p class="tag_title">Yield Returns:</p>
+<ul class="yieldreturn">
+    <li>
+        <span class='type'>(<tt>void</tt>)</span>
+    </li>
+</ul>
+<p class="tag_title">Since:</p>
+<ul class="since">
+    <li>
+        <div class='inline'><p>0.1.0</p>
+</div>
+    </li>
+</ul>
+<p class="tag_title">Required Authentication Status:</p>
+<ul class="authenticated">
+    <li>
+        <div class='inline'><p>Must not be Authenticated as a different User.</p>
+</div>
+    </li>
+</ul>
+<p class="tag_title">Session Data Interacted With:</p>
+<ul class="session_data">
+    <li>
+        <div class='inline'><p><code>:current_user</code> <strong>must not</strong> be a Registered User</p>
+</div>
+    </li>
+</ul>
+<p class="tag_title">Ubiquitous Language Terms:</p>
+<ul class="ubiq_lang">
+    <li>
+        <div class='inline'><ul>
+<li>Authenticated User</li>
+<li>Authentication</li>
+<li>Clear-Text Password</li>
+<li>Entity</li>
+<li>Guest User</li>
+<li>Registered User</li>
+</ul>
+</div>
+    </li>
+</ul>
+</div><table class="source_code">
+  <tr>
+    <td>
+      <pre class="lines">
+123
+124
+125
+126</pre>
+    </td>
+    <td>
+      <pre class="code"><span class="info file"># File 'lib/crypt_ident/sign_in.rb', line 123</span>
+<span class='kw'>def</span> <span class='id identifier rubyid_sign_in'>sign_in</span><span class='lparen'>(</span><span class='id identifier rubyid_user_in'>user_in</span><span class='comma'>,</span> <span class='id identifier rubyid_password'>password</span><span class='comma'>,</span> <span class='label'>current_user:</span> <span class='kw'>nil</span><span class='rparen'>)</span>
+  <span class='id identifier rubyid_params'>params</span> <span class='op'>=</span> <span class='lbrace'>{</span> <span class='label'>user:</span> <span class='id identifier rubyid_user_in'>user_in</span><span class='comma'>,</span> <span class='label'>password:</span> <span class='id identifier rubyid_password'>password</span><span class='comma'>,</span> <span class='label'>current_user:</span> <span class='id identifier rubyid_current_user'>current_user</span> <span class='rbrace'>}</span>
+  <span class='const'>SignIn</span><span class='period'>.</span><span class='id identifier rubyid_new'>new</span><span class='period'>.</span><span class='id identifier rubyid_call'>call</span><span class='lparen'>(</span><span class='id identifier rubyid_params'>params</span><span class='rparen'>)</span> <span class='lbrace'>{</span> <span class='op'>|</span><span class='id identifier rubyid_result'>result</span><span class='op'>|</span> <span class='kw'>yield</span> <span class='id identifier rubyid_result'>result</span> <span class='rbrace'>}</span>
+<span class='kw'>end</span></pre>
+    </td>
+  </tr>
+</table>
+</div>
+      <div class="method_details ">
+  <h3 class="signature " id="sign_out-instance_method">
+    #<strong>sign_out</strong>(current_user:) {|result| ... }
+</h3><div class="docstring">
+  <div class="discussion">
+    <p class="note returns_void">This method returns an undefined value.</p><p>Sign out a previously Authenticated User.</p>
+<p>The method <em>requires</em> a block, to which a <code>result</code> indicating success or
+failure is yielded. (Presently, any call to <code>#sign_out</code> results in success.)
+That block <strong>must</strong> in turn call <strong>both</strong> <code>result.success</code> and
+<code>result.failure</code> (even though no failure is implemented) to handle success
+and failure results, respectively. On success, the block yielded to by
+<code>result.success</code> is called without parameters.</p>
+  </div>
+</div>
+<div class="tags">
+  <div class="examples">
+    <p class="tag_title">Examples:</p>
+        <p class="example_title"><div class='inline'><p>Controller Action Class method example resetting values</p>
+</div></p>
+      <pre class="example code"><code><span class='kw'>def</span> <span class='id identifier rubyid_call'>call</span><span class='lparen'>(</span><span class='id identifier rubyid__params'>_params</span><span class='rparen'>)</span>
+  <span class='id identifier rubyid_sign_out'>sign_out</span><span class='lparen'>(</span><span class='id identifier rubyid_session'>session</span><span class='lbracket'>[</span><span class='symbol'>:current_user</span><span class='rbracket'>]</span><span class='rparen'>)</span> <span class='kw'>do</span> <span class='op'>|</span><span class='id identifier rubyid_result'>result</span><span class='op'>|</span>
+    <span class='id identifier rubyid_result'>result</span><span class='period'>.</span><span class='id identifier rubyid_success'>success</span> <span class='kw'>do</span>
+      <span class='id identifier rubyid_session'>session</span><span class='lbracket'>[</span><span class='symbol'>:current_user</span><span class='rbracket'>]</span> <span class='op'>=</span> <span class='const'><span class='object_link'><a href="" title="CryptIdent (module)">CryptIdent</a></span></span><span class='period'>.</span><span class='id identifier rubyid_config'>config</span><span class='period'>.</span><span class='id identifier rubyid_guest_user'>guest_user</span>
+      <span class='id identifier rubyid_session'>session</span><span class='lbracket'>[</span><span class='symbol'>:expires_at</span><span class='rbracket'>]</span> <span class='op'>=</span> <span class='const'>Hanami</span><span class='op'>::</span><span class='const'>Utils</span><span class='op'>::</span><span class='const'>Kernel</span><span class='period'>.</span><span class='const'>Time</span><span class='lparen'>(</span><span class='int'>0</span><span class='rparen'>)</span>
+    <span class='kw'>end</span>
+    <span class='id identifier rubyid_result'>result</span><span class='period'>.</span><span class='id identifier rubyid_failure'>failure</span> <span class='lbrace'>{</span> <span class='kw'>next</span> <span class='rbrace'>}</span>
+  <span class='kw'>end</span>
+<span class='kw'>end</span></code></pre>
+        <p class="example_title"><div class='inline'><p>Controller Action Class method example deleting values</p>
+</div></p>
+      <pre class="example code"><code><span class='kw'>def</span> <span class='id identifier rubyid_call'>call</span><span class='lparen'>(</span><span class='id identifier rubyid__params'>_params</span><span class='rparen'>)</span>
+  <span class='id identifier rubyid_sign_out'>sign_out</span><span class='lparen'>(</span><span class='id identifier rubyid_session'>session</span><span class='lbracket'>[</span><span class='symbol'>:current_user</span><span class='rbracket'>]</span><span class='rparen'>)</span> <span class='kw'>do</span> <span class='op'>|</span><span class='id identifier rubyid_result'>result</span><span class='op'>|</span>
+    <span class='id identifier rubyid_result'>result</span><span class='period'>.</span><span class='id identifier rubyid_success'>success</span> <span class='kw'>do</span>
+      <span class='id identifier rubyid_session'>session</span><span class='lbracket'>[</span><span class='symbol'>:current_user</span><span class='rbracket'>]</span> <span class='op'>=</span> <span class='kw'>nil</span>
+      <span class='id identifier rubyid_session'>session</span><span class='lbracket'>[</span><span class='symbol'>:expires_at</span><span class='rbracket'>]</span> <span class='op'>=</span> <span class='kw'>nil</span>
+    <span class='kw'>end</span>
+    <span class='id identifier rubyid_result'>result</span><span class='period'>.</span><span class='id identifier rubyid_failure'>failure</span> <span class='lbrace'>{</span> <span class='kw'>next</span> <span class='rbrace'>}</span>
+  <span class='kw'>end</span>
+<span class='kw'>end</span></code></pre>
+  </div>
+<p class="tag_title">Parameters:</p>
+<ul class="param">
+    <li>
+        <span class='name'>current_user</span>
+        <span class='type'>(<tt>User</tt>, <tt>`nil`</tt>)</span>
+        &mdash;
+        <div class='inline'><p>Entity representing the currently
+Authenticated User Entity. This <strong>should</strong> be a Registered
+User.</p>
+</div>
+    </li>
+</ul>
+<p class="tag_title">Yield Parameters:</p>
+<ul class="yieldparam">
+    <li>
+        <span class='name'>result</span>
+        <span class='type'>(<tt>Dry::Matcher::Evaluator</tt>)</span>
+        &mdash;
+        <div class='inline'><p>Normally, used to report
+whether a method succeeded or failed. The block <strong>must</strong>
+call <strong>both</strong> <code>result.success</code> and <code>result.failure</code> methods.
+In practice, parameters to both may presently be safely
+ignored.</p>
+</div>
+    </li>
+</ul>
+<p class="tag_title">Yield Returns:</p>
+<ul class="yieldreturn">
+    <li>
+        <span class='type'>(<tt>void</tt>)</span>
+    </li>
+</ul>
+<p class="tag_title">Since:</p>
+<ul class="since">
+    <li>
+        <div class='inline'><p>0.1.0</p>
+</div>
+    </li>
+</ul>
+<p class="tag_title">Required Authentication Status:</p>
+<ul class="authenticated">
+    <li>
+        <div class='inline'><p>Should be Authenticated.</p>
+</div>
+    </li>
+</ul>
+<p class="tag_title">Session Data Interacted With:</p>
+<ul class="session_data">
+    <li>
+        <div class='inline'><p>See method description above.</p>
+</div>
+    </li>
+</ul>
+<p class="tag_title">Ubiquitous Language Terms:</p>
+<ul class="ubiq_lang">
+    <li>
+        <div class='inline'><ul>
+<li>Authenticated User</li>
+<li>Authentication</li>
+<li>Controller Action Class</li>
+<li>Entity</li>
+<li>Guest User</li>
+<li>Interactor</li>
+<li>Repository</li>
+</ul>
+</div>
+    </li>
+</ul>
+</div><table class="source_code">
+  <tr>
+    <td>
+      <pre class="lines">
+74
+75
+76</pre>
+    </td>
+    <td>
+      <pre class="code"><span class="info file"># File 'lib/crypt_ident/sign_out.rb', line 74</span>
+<span class='kw'>def</span> <span class='id identifier rubyid_sign_out'>sign_out</span><span class='lparen'>(</span><span class='label'>current_user:</span><span class='rparen'>)</span>
+  <span class='const'>SignOut</span><span class='period'>.</span><span class='id identifier rubyid_new'>new</span><span class='period'>.</span><span class='id identifier rubyid_call'>call</span><span class='lparen'>(</span><span class='label'>current_user:</span> <span class='id identifier rubyid_current_user'>current_user</span><span class='rparen'>)</span> <span class='lbrace'>{</span> <span class='op'>|</span><span class='id identifier rubyid_result'>result</span><span class='op'>|</span> <span class='kw'>yield</span> <span class='id identifier rubyid_result'>result</span> <span class='rbrace'>}</span>
+<span class='kw'>end</span></pre>
+    </td>
+  </tr>
+</table>
+</div>
+      <div class="method_details ">
+  <h3 class="signature " id="sign_up-instance_method">
+    #<strong>sign_up</strong>(attribs, current_user:) {|result| ... }
+</h3><div class="docstring">
+  <div class="discussion">
+    <p class="note returns_void">This method returns an undefined value.</p><p>Persist a new User to a Repository based on passed-in attributes, where the
+resulting Entity (on success) contains a  <code>:password_hash</code> attribute
+containing the encrypted value of a <strong>random</strong> Clear-Text Password; any
+<code>password</code> value within <code>attribs</code> is ignored.</p>
+<p>The method <em>requires</em> a block, to which a <code>result</code> indicating success or
+failure is yielded. That block <strong>must</strong> in turn call <strong>both</strong>
+<code>result.success</code> and <code>result.failure</code> to handle success and failure results,
+respectively. On success, the block yielded to by <code>result.success</code> is called
+and passed a <code>user:</code> parameter, which is the newly-created User Entity.</p>
+<p>If the call fails, the <code>result.success</code> block is yielded to, and passed a
+<code>code:</code> parameter, which will contain one of the following symbols:</p>
+<ul>
+<li><code>:current_user_exists</code> indicates that the method was called with a
+Registered User as the <code>current_user</code> parameter.</li>
+<li><code>:user_already_created</code> indicates that the specified <code>name</code> attribute
+matches a record that already exists in the underlying Repository.</li>
+<li><code>:user_creation_failed</code> indicates that the Repository was unable to create
+the new User for some other reason, such as an internal error.</li>
+</ul>
+<p><strong>NOTE</strong> that the incoming <code>params</code> are expected to have been whitelisted at
+the Controller Action Class level.</p>
+  </div>
+</div>
+<div class="tags">
+  <div class="examples">
+    <p class="tag_title">Examples:</p>
+        <p class="example_title"><div class='inline'><p>in a Controller Action Class</p>
+</div></p>
+      <pre class="example code"><code><span class='kw'>def</span> <span class='id identifier rubyid_call'>call</span><span class='lparen'>(</span><span class='id identifier rubyid__params'>_params</span><span class='rparen'>)</span>
+  <span class='id identifier rubyid_sign_up'>sign_up</span><span class='lparen'>(</span><span class='id identifier rubyid_params'>params</span><span class='comma'>,</span> <span class='label'>current_user:</span> <span class='id identifier rubyid_session'>session</span><span class='lbracket'>[</span><span class='symbol'>:current_user</span><span class='rbracket'>]</span><span class='rparen'>)</span> <span class='kw'>do</span> <span class='op'>|</span><span class='id identifier rubyid_result'>result</span><span class='op'>|</span>
+    <span class='id identifier rubyid_result'>result</span><span class='period'>.</span><span class='id identifier rubyid_success'>success</span> <span class='kw'>do</span> <span class='op'>|</span><span class='label'>user:</span><span class='op'>|</span>
+      <span class='ivar'>@user</span> <span class='op'>=</span> <span class='id identifier rubyid_user'>user</span>
+      <span class='id identifier rubyid_message'>message</span> <span class='op'>=</span> <span class='tstring'><span class='tstring_beg'>&quot;</span><span class='embexpr_beg'>#{</span><span class='id identifier rubyid_user'>user</span><span class='period'>.</span><span class='id identifier rubyid_name'>name</span><span class='embexpr_end'>}</span><span class='tstring_content'> successfully created. You may sign in now.</span><span class='tstring_end'>&quot;</span></span>
+      <span class='id identifier rubyid_flash'>flash</span><span class='lbracket'>[</span><span class='const'><span class='object_link'><a href="" title="CryptIdent (module)">CryptIdent</a></span></span><span class='period'>.</span><span class='id identifier rubyid_config'>config</span><span class='period'>.</span><span class='id identifier rubyid_success_key'>success_key</span><span class='rbracket'>]</span> <span class='op'>=</span> <span class='id identifier rubyid_message'>message</span>
+      <span class='id identifier rubyid_redirect_to'>redirect_to</span> <span class='id identifier rubyid_routes'>routes</span><span class='period'>.</span><span class='id identifier rubyid_root_path'>root_path</span>
+    <span class='kw'>end</span>
+    <span class='id identifier rubyid_result'>result</span><span class='period'>.</span><span class='id identifier rubyid_failure'>failure</span> <span class='kw'>do</span> <span class='op'>|</span><span class='label'>code:</span><span class='op'>|</span>
+      <span class='comment'># `#error_message_for` is a method on the same class, not shown
+</span>      <span class='id identifier rubyid_failure_key'>failure_key</span> <span class='op'>=</span> <span class='const'><span class='object_link'><a href="" title="CryptIdent (module)">CryptIdent</a></span></span><span class='period'>.</span><span class='id identifier rubyid_config'>config</span><span class='period'>.</span><span class='id identifier rubyid_failure_key'>failure_key</span>
+      <span class='id identifier rubyid_flash'>flash</span><span class='lbracket'>[</span><span class='id identifier rubyid_failure_key'>failure_key</span><span class='rbracket'>]</span> <span class='op'>=</span> <span class='id identifier rubyid_error_message_for'>error_message_for</span><span class='lparen'>(</span><span class='id identifier rubyid_code'>code</span><span class='comma'>,</span> <span class='id identifier rubyid_params'>params</span><span class='rparen'>)</span>
+    <span class='kw'>end</span>
+  <span class='kw'>end</span>
+<span class='kw'>end</span></code></pre>
+  </div>
+<p class="tag_title">Parameters:</p>
+<ul class="param">
+    <li>
+        <span class='name'>attribs</span>
+        <span class='type'>(<tt>Hash</tt>)</span>
+        &mdash;
+        <div class='inline'><p>Hash-like object of attributes for new User Entity and
+record. <strong>Must</strong> include <code>name</code> and  any other attributes
+required by the underlying database schema. Any <code>password</code>
+attribute will be ignored.</p>
+</div>
+    </li>
+    <li>
+        <span class='name'>current_user</span>
+        <span class='type'>(<tt>User</tt>, <tt>nil</tt>)</span>
+        &mdash;
+        <div class='inline'><p>Entity representing the current
+Authenticated User, or the Guest User. A value of <code>nil</code> is
+treated as though the Guest User had been specified.</p>
+</div>
+    </li>
+</ul>
+<p class="tag_title">Yield Parameters:</p>
+<ul class="yieldparam">
+    <li>
+        <span class='name'>result</span>
+        <span class='type'>(<tt>Dry::Matcher::Evaluator</tt>)</span>
+        &mdash;
+        <div class='inline'><p>Indicates whether the attempt
+to create a new User succeeded or failed. Block <strong>must</strong>
+call <strong>both</strong> <code>result.success</code> and <code>result.failure</code> methods,
+where the block passed to <code>result.success</code> accepts a parameter
+for <code>user:</code> (which is the newly-created User Entity). The
+block passed to <code>result.failure</code> accepts a parameter for
+<code>code:</code>, which is a Symbol reporting the reason for the
+failure (as described above).</p>
+</div>
+    </li>
+</ul>
+<p class="tag_title">Since:</p>
+<ul class="since">
+    <li>
+        <div class='inline'><p>0.1.0</p>
+</div>
+    </li>
+</ul>
+<p class="tag_title">Required Authentication Status:</p>
+<ul class="authenticated">
+    <li>
+        <div class='inline'><p>Must not be Authenticated.</p>
+</div>
+    </li>
+</ul>
+<p class="tag_title">Session Data Interacted With:</p>
+<ul class="session_data">
+    <li>
+        <div class='inline'><p><code>:current_user</code> <strong>must not</strong> be a Registered User.</p>
+</div>
+    </li>
+</ul>
+<p class="tag_title">Ubiquitous Language Terms:</p>
+<ul class="ubiq_lang">
+    <li>
+        <div class='inline'><ul>
+<li>Authentication</li>
+<li>Clear-Text Password</li>
+<li>Entity</li>
+<li>Guest User</li>
+<li>Registered User</li>
+</ul>
+</div>
+    </li>
+</ul>
+</div><table class="source_code">
+  <tr>
+    <td>
+      <pre class="lines">
+87
+88
+89
+90
+91</pre>
+    </td>
+    <td>
+      <pre class="code"><span class="info file"># File 'lib/crypt_ident/sign_up.rb', line 87</span>
+<span class='kw'>def</span> <span class='id identifier rubyid_sign_up'>sign_up</span><span class='lparen'>(</span><span class='id identifier rubyid_attribs'>attribs</span><span class='comma'>,</span> <span class='label'>current_user:</span><span class='rparen'>)</span>
+  <span class='const'>SignUp</span><span class='period'>.</span><span class='id identifier rubyid_new'>new</span><span class='period'>.</span><span class='id identifier rubyid_call'>call</span><span class='lparen'>(</span><span class='id identifier rubyid_attribs'>attribs</span><span class='comma'>,</span> <span class='label'>current_user:</span> <span class='id identifier rubyid_current_user'>current_user</span><span class='rparen'>)</span> <span class='kw'>do</span> <span class='op'>|</span><span class='id identifier rubyid_result'>result</span><span class='op'>|</span>
+    <span class='kw'>yield</span> <span class='id identifier rubyid_result'>result</span>
+  <span class='kw'>end</span>
+<span class='kw'>end</span></pre>
+    </td>
+  </tr>
+</table>
+</div>
+      <div class="method_details ">
+  <h3 class="signature " id="update_session_expiry-instance_method">
+    #<strong>update_session_expiry</strong>(session_data = {})  &#x21d2; <tt>Hash</tt>
+</h3><div class="docstring">
+  <div class="discussion">
+    <p>Generate a Hash containing an updated Session Expiration timestamp, which
+can then be used for session management.</p>
+<p>This is one of two methods in <code>CryptIdent</code> (the other being
+<a href="#session-expired"><code>#session_expired?</code></a>) which <em>does not</em> follow the
+<code>result</code>/success/failure <a href="#interfaces">monad workflow</a>. This is because
+there is no success/failure division in the workflow. Calling the method
+only makes sense if there is a Registered User as the Current User, but <em>all
+this method does</em> is build a Hash with <code>:current_user</code> and <code>:expires_at</code>
+entries. The returned <code>:current_user</code> is the passed-in <code>:current_user</code> if a
+Registered User, or the Guest User if not. The returned <code>:updated_at</code> value,
+for a Registered User, is the configured Session Expiry added to the current
+time, and for the Guest User, a time far enough in the future that any call
+to <code>#session_expired?</code> will be highly unlikely to ever return <code>true</code>.</p>
+<p>The client code is responsible for applying these values to its own actual
+session data, as described by the sample session-management code shown in
+the README.</p>
+  </div>
+</div>
+<div class="tags">
+  <div class="examples">
+    <p class="tag_title">Examples:</p>
+        <p class="example_title"><div class='inline'><p>As used in module included by Controller Action Class (see README)</p>
+</div></p>
+      <pre class="example code"><code><span class='kw'>def</span> <span class='id identifier rubyid_validate_session'>validate_session</span>
+  <span class='kw'>if</span> <span class='op'>!</span><span class='id identifier rubyid_session_expired?'>session_expired?</span><span class='lparen'>(</span><span class='id identifier rubyid_session'>session</span><span class='rparen'>)</span>
+    <span class='id identifier rubyid_updates'>updates</span> <span class='op'>=</span> <span class='id identifier rubyid_update_session_expiry'>update_session_expiry</span><span class='lparen'>(</span><span class='id identifier rubyid_session'>session</span><span class='rparen'>)</span>
+    <span class='id identifier rubyid_session'>session</span><span class='lbracket'>[</span><span class='symbol'>:expires_at</span><span class='rbracket'>]</span> <span class='op'>=</span> <span class='id identifier rubyid_updates'>updates</span><span class='lbracket'>[</span><span class='symbol'>:expires_at</span><span class='rbracket'>]</span>
+    <span class='kw'>return</span>
+  <span class='kw'>end</span>
+  <span class='comment'># ... sign out and redirect appropriately ...
+</span><span class='kw'>end</span></code></pre>
+  </div>
+<p class="tag_title">Parameters:</p>
+<ul class="param">
+    <li>
+        <span class='name'>session_data</span>
+        <span class='type'>(<tt>Hash</tt>)</span>
+        <em class="default">(defaults to: <tt>{}</tt>)</em>
+        &mdash;
+        <div class='inline'><p>The Rack session data of interest to the method.
+If the <code>:current_user</code> entry is defined, it <strong>must</strong> be either
+a User Entity or <code>nil</code>, signifying the Guest User. If the
+<code>:expires_at</code> entry is defined, its value in the returned Hash
+<em>will</em> be different.</p>
+</div>
+    </li>
+</ul>
+<p class="tag_title">Returns:</p>
+<ul class="return">
+    <li>
+        <span class='type'>(<tt>Hash</tt>)</span>
+        &mdash;
+        <div class='inline'><p>A <code>Hash</code> with entries to be used to update session data.
+<code>expires_at</code> will have a value of the current time plus the
+configuration-specified <code>session_expiry</code> offset <em>if</em> the
+supplied <code>:current_user</code> value is a Registered User;
+otherwise it will have a value far enough in advance of the
+current time (e.g., by 100 years) that the
+<code>#session_expired?</code> method is highly unlikely to ever return
+<code>true</code>. The <code>:current_user</code> value will be the passed-in
+<code>session_data[:current_user]</code> value if that represents a
+Registered User, or the Guest User otherwise.</p>
+</div>
+    </li>
+</ul>
+<p class="tag_title">Since:</p>
+<ul class="since">
+    <li>
+        <div class='inline'><p>0.1.0</p>
+</div>
+    </li>
+</ul>
+<p class="tag_title">Required Authentication Status:</p>
+<ul class="authenticated">
+    <li>
+        <div class='inline'><p>Must be Authenticated.</p>
+</div>
+    </li>
+</ul>
+<p class="tag_title">Session Data Interacted With:</p>
+<ul class="session_data">
+    <li>
+        <div class='inline'><p><code>:current_user</code> <strong>must</strong> be a User Entity. <code>nil</code> is accepted to indicate
+                the Guest User
+<code>:expires_at</code>   set to the session-expiration time on exit, which will be
+                arbitrarily far in the future for the Guest User.</p>
+</div>
+    </li>
+</ul>
+<p class="tag_title">Ubiquitous Language Terms:</p>
+<ul class="ubiq_lang">
+    <li>
+        <div class='inline'><ul>
+<li>Authentication</li>
+<li>Guest User</li>
+<li>Registered User</li>
+<li>Session Expiration</li>
+<li>User</li>
+</ul>
+</div>
+    </li>
+</ul>
+</div><table class="source_code">
+  <tr>
+    <td>
+      <pre class="lines">
+74
+75
+76</pre>
+    </td>
+    <td>
+      <pre class="code"><span class="info file"># File 'lib/crypt_ident/update_session_expiry.rb', line 74</span>
+<span class='kw'>def</span> <span class='id identifier rubyid_update_session_expiry'>update_session_expiry</span><span class='lparen'>(</span><span class='id identifier rubyid_session_data'>session_data</span> <span class='op'>=</span> <span class='lbrace'>{</span><span class='rbrace'>}</span><span class='rparen'>)</span>
+  <span class='const'>UpdateSessionExpiry</span><span class='period'>.</span><span class='id identifier rubyid_new'>new</span><span class='period'>.</span><span class='id identifier rubyid_call'>call</span><span class='lparen'>(</span><span class='id identifier rubyid_session_data'>session_data</span><span class='rparen'>)</span>
+<span class='kw'>end</span></pre>
+    </td>
+  </tr>
+</table>
+</div>
+  </div>
+</div>
+      <div id="footer">
+  Generated on Sat Feb 16 04:17:25 2019 by
+  <a href="http://yardoc.org" title="Yay! A Ruby Documentation Tool" target="_parent">yard</a>
+  0.9.18 (ruby-2.6.0).
+</div>
+    </div>
+  </body>
+</html>