straight-server 0.1.2 → 0.2.0

data/lib/straight-server/order.rb

@@ -1,6 +1,6 @@
 module StraightServer
  
-  class Order < Sequel::Model 
+  class Order < Sequel::Model
 
     include Straight::OrderModule
     plugin :validation_helpers
@@ -8,6 +8,12 @@ module StraightServer
 
     plugin :serialization
     serialize_attributes :marshal, :callback_response
+    serialize_attributes :marshal, :data
+
+    plugin :after_initialize
+    def after_initialize
+      @status = self[:status] || 0
+    end
 
     def gateway
       @gateway ||= Gateway.find_by_id(gateway_id)
@@ -18,17 +24,42 @@ module StraightServer
       @gateway        = g
     end
 
+    # This method is called from the Straight::OrderModule::Prependable
+    # using super(). The reason it is reloaded here is because sometimes
+    # we want to query the DB first and see if status has changed there.
+    #
+    # If it indeed changed in the DB and is > 1, then the original
+    # Straight::OrderModule::Prependable#status method will not try to
+    # query the blockchain (using adapters) because the status has already
+    # been changed to be > 1.
+    #
+    # This is mainly useful for debugging. For example,
+    # when testing payments, you don't actually want to pay, you can just
+    # run the server console, change order status in the DB and see how your
+    # client picks it up, showing you that your order has been paid for.
+    #
+    # If you want the feature described above on,
+    # set StraightServer::Config.check_order_status_in_db_first to true
+    def status(as_sym: false, reload: false)
+      if reload && StraightServer::Config.check_order_status_in_db_first
+        @old_status = self.status
+        self.refresh
+        unless self[:status] == @old_status
+          @status         = self[:status]
+          @status_changed = true
+          self.gateway.order_status_changed(self)
+        end
+      end
+      self[:status] = @status
+    end
+
     def save
       super # calling Sequel::Model save
       @status_changed = false
     end
 
-    def status_changed?
-      @status_changed
-    end
-
     def to_h
-      super.merge({ id: id })
+      super.merge({ id: id, payment_id: payment_id, amount_in_btc: amount_in_btc(as: :string) })
     end
 
     def to_json
@@ -39,6 +70,8 @@ module StraightServer
       super # calling Sequel::Model validator
       errors.add(:amount,     "is invalid") if !amount.kind_of?(Numeric)     || amount <= 0
       errors.add(:gateway_id, "is invalid") if !gateway_id.kind_of?(Numeric) || gateway_id <= 0
+      errors.add(:description, "should be shorter than 255 charachters") if description.kind_of?(String) && description.length > 255
+      errors.add(:gateway, "is inactive, cannot create order for inactive gateway") unless gateway.active
       validates_unique   :id, :address, [:keychain_id, :gateway_id]
       validates_presence [:address, :keychain_id, :gateway_id, :amount]
     end
@@ -47,16 +80,48 @@ module StraightServer
       "order_id=#{id}&amount=#{amount}&status=#{status}&address=#{address}&tid=#{tid}"
     end
 
-    def start_periodic_status_check
-      StraightServer.logger.info "Starting periodic status checks of the order #{self.id}"
+    def before_create
+      self.payment_id = gateway.sign_with_secret("#{keychain_id}#{amount}#{created_at}")
+
+      # Save info about current exchange rate at the time of purchase
+      unless gateway.default_currency == 'BTC'
+        self.data = {} unless self.data
+        self.data[:exchange_rate] = { price: gateway.current_exchange_rate, currency: gateway.default_currency }
+      end
+      
       super
     end
 
-    def check_status_on_schedule(period: 10, iteration_index: 0)
+    # Update Gateway's order_counters, incrementing the :new counter.
+    # All other increments/decrements happen in the the Gateway#order_status_changed callback,
+    # but the initial :new increment needs this code because the Gateway#order_status_changed 
+    # isn't called in this case.
+    def after_create
+      self.gateway.increment_order_counter!(:new) if StraightServer::Config.count_orders
+    end
+
+    # Reloads the method in Straight engine. We need to take
+    # Order#created_at into account now, so that we don't start checking on
+    # an order that is already expired. Or, if it's not expired yet,
+    # we make sure to stop all checks as soon as it expires, but not later.
+    def start_periodic_status_check(duration: gateway.orders_expiration_period)
+      StraightServer.logger.info "Starting periodic status checks of order #{self.id}"
+      if (t = time_left_before_expiration) > 0
+        check_status_on_schedule(duration: t)
+      end
+      self.save if self.status_changed?
+    end
+
+    def check_status_on_schedule(period: 10, iteration_index: 0, duration: 600, time_passed: 0)
       StraightServer.logger.info "Checking status of order #{self.id}"
       super
     end
 
+    def time_left_before_expiration(duration: gateway.orders_expiration_period)
+      time_passed_after_creation = (Time.now - created_at).to_i
+      gateway.orders_expiration_period-time_passed_after_creation
+    end
+
   end
 
 end

data/lib/straight-server/orders_controller.rb

@@ -13,13 +13,20 @@ module StraightServer
     end
 
     def create
+      
+      unless @gateway
+        StraightServer.logger.warn "Gateway not found"
+        return [404, {}, "Gateway not found" ]
+      end
+
       begin
         order = @gateway.create_order(
-          amount:           @params['amount'],
+          amount:           @params['amount'], # this is satoshi
           currency:         @params['currency'],
           btc_denomination: @params['btc_denomination'],
           id:               @params['order_id'],
-          signature:        @params['signature']
+          signature:        @params['signature'],
+          data:             @params['data']
         )
         StraightServer::Thread.new do
           order.start_periodic_status_check
@@ -33,11 +40,14 @@ module StraightServer
       rescue StraightServer::GatewayModule::InvalidOrderId
         StraightServer.logger.warn message = "An invalid id for order supplied: #{@params['order_id']}"
         [409, {}, message ]
+      rescue StraightServer::GatewayModule::GatewayInactive
+        StraightServer.logger.warn message = "The gateway is inactive, you cannot create order with it"
+        [503, {}, message ]
       end
     end
 
     def show
-      order = Order[@params['id']]
+      order = Order[@params['id']] || (@params['id'] =~ /[^\d]+/ && Order[:payment_id => @params['id']])
       if order
         order.status(reload: true)
         order.save if order.status_changed?
@@ -46,7 +56,13 @@ module StraightServer
     end
 
     def websocket
-      order = Order[@params['id']]
+      
+      order = if @params['id'] =~ /[^\d]+/
+        Order[:payment_id => @params['id']]
+      else
+        Order[@params['id']]
+      end
+
       if order
         begin
           @gateway.add_websocket_for_order ws = Faye::WebSocket.new(@env), order
@@ -66,10 +82,11 @@ module StraightServer
         StraightServer.logger.blank_lines
         StraightServer.logger.info "#{@method} #{@env['REQUEST_PATH']}\n#{@params}"
 
-        @gateway = StraightServer::Gateway.find_by_id(@request_path[1])
+        @gateway = StraightServer::Gateway.find_by_hashed_id(@request_path[1])
 
         @response = if @request_path[3] # if an order id is supplied
-          @params['id'] = @request_path[3].to_i
+          @params['id'] = @request_path[3]
+          @params['id'] = @params['id'].to_i if @params['id'] =~ /\A\d+\Z/
           if @request_path[4] == 'websocket'
             websocket
           elsif @request_path[4].nil? && @method == 'GET'

data/lib/straight-server/random_string.rb

@@ -0,0 +1,18 @@
+class String
+
+  def self.random(len)
+    s = ""
+    while s.length != len do
+      s = rand(36**len).to_s(36) 
+    end
+    s
+  end
+
+  def repeat(times)
+    result = ""
+    times.times { result << self }
+    result
+  end
+
+end
+

data/lib/straight-server/server.rb

@@ -6,12 +6,24 @@ module StraightServer
     Faye::WebSocket.load_adapter('goliath')
 
     def initialize
+      super
       prepare
-      StraightServer.logger.info "Starting Straight server v #{StraightServer::VERSION}"
+      StraightServer.logger.info "starting Straight Server v #{StraightServer::VERSION}"
       require_relative 'order'
       require_relative 'gateway'
       require_relative 'orders_controller'
-      super
+      load_addons
+      resume_tracking_active_orders!
+    end
+
+    def options_parser(opts, options)
+      # Even though we define that option here, it is purely for the purposes of compliance with
+      # Goliath server. If don't do that, there will be an exception saying "unrecognized argument".
+      # In reality, we make use of --config-dir value in the in StraightServer::Initializer and stored
+      # it in StraightServer::Initializer.config_dir property. 
+      opts.on('-c', '--config-dir STRING', "Directory where config files and addons are placed") do |val|
+        options[:config_dir] = File.expand_path(val || ENV['HOME'] + '/.straight' )
+      end
     end
 
     def response(env)
@@ -24,21 +36,15 @@ module StraightServer
 
       StraightServer.logger.watch_exceptions do
 
-        # This is a client implementation example, an html page + a dart script
-        # supposed to only be loaded in development.
-        if Goliath.env == :development
-          if env['REQUEST_PATH'] == '/'
-            return [200, {}, IO.read(Initializer::GEM_ROOT + '/examples/client/client.html')]
-          elsif Goliath.env == :development && env['REQUEST_PATH'] == '/client.dart'
-            return [200, {}, IO.read(Initializer::GEM_ROOT + '/examples/client/client.dart')]
-          end
-        end
-
-        if env['REQUEST_PATH'] =~ /\A\/gateways\/.+?\/orders(\/.+)?\Z/
-          controller = OrdersController.new(env)
-          return controller.response
-        else
-          return [404, {}, "#{env['REQUEST_METHOD']} #{env['REQUEST_PATH']} Not found"]
+        # If the process is daemonized, we get Sequel::DatabaseDisconnectError with Postgres.
+        # The explanation is here: https://github.com/thuehlinger/daemons/issues/31
+        # Until I figure out where to call connect_to_db so that it connects to the DB
+        # AFTER the process is daemonized, this shall remain as it is now.
+        begin
+          return process_request(env)
+        rescue Sequel::DatabaseDisconnectError 
+          connect_to_db
+          return process_request(env)
         end
 
       end
@@ -47,6 +53,27 @@ module StraightServer
       [500, {}, "#{env['REQUEST_METHOD']} #{env['REQUEST_PATH']} Server Error"]
 
     end
+
+    # This is a separate method now because of the need to rescue Sequel::DatabaseDisconnectError
+    # As soon as we figure out where should #connect_to_db be placed so that it is executed AFTER the process
+    # is daemonized, I'll refactor the code.
+    def process_request(env)
+      # This is a client implementation example, an html page + a dart script
+      # supposed to only be loaded in development.
+      if Goliath.env == :development
+        if env['REQUEST_PATH'] == '/'
+          return [200, {}, IO.read(Initializer::GEM_ROOT + '/examples/client/client.html')]
+        elsif Goliath.env == :development && env['REQUEST_PATH'] == '/client.js'
+          return [200, {}, IO.read(Initializer::GEM_ROOT + '/examples/client/client.js')]
+        end
+      end
+
+      @routes.each do |path, action| # path is a regexp
+        return action.call(env) if env['REQUEST_PATH'] =~ path
+      end
+      # no block was called, means no route matched. Let's render 404
+      return [404, {}, "#{env['REQUEST_METHOD']} #{env['REQUEST_PATH']} Not found"]
+    end
     
   end
 end

data/lib/straight-server/utils/hash_string_to_sym_keys.rb

@@ -0,0 +1,24 @@
+class Hash
+
+  # Replace String keys in the current hash with symbol keys
+  def keys_to_sym!
+    new_hash = keys_to_sym
+    self.clear
+    new_hash.each do |k,v|
+      self[k] = v
+    end
+  end
+
+  def keys_to_sym
+    symbolized_hash = {} 
+    self.each do |k,v|
+      if k =~ /\A[a-zA-Z0-9!?_]+\Z/
+        symbolized_hash[k.to_sym] = v
+      else
+        symbolized_hash[k] = v
+      end
+    end
+    symbolized_hash
+  end
+
+end

data/lib/straight-server.rb

@@ -3,12 +3,15 @@ require 'json'
 require 'sequel'
 require 'straight'
 require 'logmaster'
-require 'hmac'
-require 'hmac-sha1'
+require 'openssl'
+require 'base64'
 require 'net/http'
 require 'faye/websocket'
 Sequel.extension :migration
 
+
+require_relative 'straight-server/utils/hash_string_to_sym_keys'
+require_relative 'straight-server/random_string'
 require_relative 'straight-server/config'
 require_relative 'straight-server/initializer'
 require_relative 'straight-server/thread'
@@ -16,7 +19,7 @@ require_relative 'straight-server/orders_controller'
 
 module StraightServer
 
-  VERSION = '0.1.0'
+  VERSION = File.read(File.expand_path('../', File.dirname(__FILE__)) + '/VERSION')
 
   class << self
     attr_accessor :db_connection, :logger

data/spec/.straight/config.yml

@@ -1,6 +1,8 @@
 # If set to db, then use DB table to store gateways,
 # useful when your run many gateways on the same server.
 gateways_source: config
+environment: test
+count_orders: true
 
 gateways:
 
@@ -12,10 +14,12 @@ gateways:
     check_signature: true
     callback_url: 'http://localhost:3000/payment-callback'
     default_currency: 'BTC'
+    orders_expiration_period: 900 # seconds
     exchange_rate_adapters:
       - Bitpay
       - Coinbase
       - Bitstamp
+    active: true
   second_gateway:
     pubkey: 'xpub-001'
     confirmations_required: 0
@@ -24,11 +28,23 @@ gateways:
     check_signature: false
     callback_url: 'http://localhost:3001/payment-callback'
     default_currency: 'BTC'
+    orders_expiration_period: 300 # seconds
     exchange_rate_adapters:
       - Bitpay
       - Coinbase
       - Bitstamp
+    active: true
+
+blockchain_adapters:
+  - BlockchainInfo
+  - Mycelium
 
 db:
   adapter: sqlite
   name: straight.db
+
+redis:
+  host: localhost
+  port: 6379
+  db:   null
+  password: null

data/spec/.straight/server_secret

@@ -0,0 +1 @@
+global server secret

data/spec/fixtures/addons.yml

@@ -0,0 +1,19 @@
+# This is where you put info about your addons.
+#
+# Addons are just modules that extend the StraightServer::Server module.
+# 
+# Addon modules can be both rubygems or files under ~/.straight/addons/.
+# If ~/.straight/addons.yml contains a 'path' key for a particular addon, then it means
+# the addon is placed under the ~/.straight/addons/. If not, it is assumed it is
+# already in the LOAD_PATH somehow, with rubygems for example.
+#
+#
+# Example:
+#
+#   payment_ui:               # <- name doesn't affect anything, just shows up in the log file
+#     path: addons/payment_ui # <- This is unnecessary if addon is already in the LOAD_PATH
+#     module: PaymentUI       # <- actual module should be a submodule of StraightServer::Addon
+
+test_addon:
+  path: 'addons/test_addon'
+  module: 'TestAddon'  

data/spec/fixtures/test_addon.rb

@@ -0,0 +1,8 @@
+module StraightServer
+  module Addon
+    module TestAddon
+      def test_addon_method
+      end
+    end
+  end
+end

data/spec/lib/gateway_spec.rb

@@ -5,6 +5,7 @@ RSpec.describe StraightServer::Gateway do
   before(:each) do
     @gateway = StraightServer::GatewayOnConfig.find_by_id(1)
     @order_mock = double("order mock")
+    allow(@order_mock).to receive(:old_status)
     [:id, :gateway=, :save, :to_h, :id=].each { |m| allow(@order_mock).to receive(m) }
     @order_for_keychain_id_args = { amount: 1, keychain_id: 1, currency: nil, btc_denomination: nil }
   end
@@ -13,7 +14,7 @@ RSpec.describe StraightServer::Gateway do
     @gateway.last_keychain_id = 0
     expect( -> { @gateway.create_order(amount: 1, signature: 'invalid', id: 1) }).to raise_exception(StraightServer::GatewayModule::InvalidSignature)
     expect(@gateway).to receive(:order_for_keychain_id).with(@order_for_keychain_id_args).once.and_return(@order_mock)
-    @gateway.create_order(amount: 1, signature: hmac_sha1(1, 'secret'), id: 1)
+    @gateway.create_order(amount: 1, signature: hmac_sha256(1, 'secret'), id: 1)
   end
 
   it "checks md5 signature only if that setting is set ON for a particular gateway" do
@@ -25,8 +26,8 @@ RSpec.describe StraightServer::Gateway do
   end
 
   it "doesn't allow nil or empty order id if signature checks are enabled" do
-    expect( -> { @gateway.create_order(amount: 1, signature: 'invalid', id: nil) }).to raise_exception(StraightServer::GatewayModule::InvalidOrderId)
-    expect( -> { @gateway.create_order(amount: 1, signature: 'invalid', id: '') }).to raise_exception(StraightServer::GatewayModule::InvalidOrderId)
+    expect( -> { @gateway.create_order(amount: 1, signature: hmac_sha256(nil, 'secret'), id: nil) }).to raise_exception(StraightServer::GatewayModule::InvalidOrderId)
+    expect( -> { @gateway.create_order(amount: 1, signature: hmac_sha256('', 'secret'), id: '') }).to raise_exception(StraightServer::GatewayModule::InvalidOrderId)
   end
 
   it "sets order amount in satoshis calculated from another currency" do
@@ -36,6 +37,16 @@ RSpec.describe StraightServer::Gateway do
     expect(@gateway.create_order(amount: 2252.706, currency: 'USD').amount).to eq(500000000)
   end
 
+  it "doesn't allow to create a new order if the gateway is inactive" do
+    @gateway.active = false
+    expect( -> { @gateway.create_order }).to raise_exception(StraightServer::GatewayModule::GatewayInactive)
+    @gateway.active = true
+  end
+
+  it "loads blockchain adapters according to the config file" do
+    expect(@gateway.blockchain_adapters.map(&:class)).to eq([Straight::Blockchain::BlockchainInfoAdapter, Straight::Blockchain::MyceliumAdapter])
+  end
+
   context "callback url" do
 
     before(:each) do
@@ -64,7 +75,7 @@ RSpec.describe StraightServer::Gateway do
     it "signs the callback if gateway has a secret" do
       @gateway = StraightServer::GatewayOnConfig.find_by_id(1) # Gateway 1 requires signatures
       expect(@response_mock).to receive(:code).twice.and_return("200")
-      expect(URI).to receive(:parse).with('http://localhost:3000/payment-callback?' + @order.to_http_params + "&signature=#{hmac_sha1(hmac_sha1(@order.id, 'secret'), 'secret')}")
+      expect(URI).to receive(:parse).with('http://localhost:3000/payment-callback?' + @order.to_http_params + "&signature=#{hmac_sha256(hmac_sha256(@order.id, 'secret'), 'secret')}")
       expect(Net::HTTP).to receive(:get_response).and_return(@response_mock)
       @gateway.order_status_changed(@order)
     end
@@ -88,6 +99,51 @@ RSpec.describe StraightServer::Gateway do
 
   end
 
+  describe "order counters" do
+
+    it "uses 0 for non-existent order counters and increments them" do
+      expect(@gateway.order_counters(reload: true)).to include({ new: 0, unconfirmed: 0, paid: 0, underpaid: 0, overpaid: 0, expired: 0 })
+      @gateway.increment_order_counter!(:new)
+      expect(@gateway.order_counters(reload: true)[:new]).to eq(1)
+    end
+
+    it "raises exception when trying to access counters but the feature is disabled" do
+      allow(StraightServer::Config).to receive(:count_orders).and_return(false)
+      expect( -> { @gateway.order_counters(reload: true) }).to raise_exception(StraightServer::Gateway::OrderCountersDisabled) 
+      expect( -> { @gateway.increment_order_counter!(:new) }).to raise_exception(StraightServer::Gateway::OrderCountersDisabled) 
+    end
+
+    it "updates gateway's order counters when an associated order status changes" do
+      allow_any_instance_of(StraightServer::Order).to receive(:transaction).and_return({ tid: 'xxx' })
+      allow(@gateway).to receive(:send_callback_http_request)
+      allow(@gateway).to receive(:send_order_to_websocket_client)
+
+      expect(@gateway.order_counters(reload: true)).to eq({ new: 0, unconfirmed: 0, paid: 0, underpaid: 0, overpaid: 0, expired: 0 })
+      order = create(:order, gateway_id: @gateway.id)
+      expect(@gateway.order_counters(reload: true)).to eq({ new: 1, unconfirmed: 0, paid: 0, underpaid: 0, overpaid: 0, expired: 0 })
+      order.status = 2
+      expect(@gateway.order_counters(reload: true)).to eq({ new: 0, unconfirmed: 0, paid: 1, underpaid: 0, overpaid: 0, expired: 0 })
+
+      expect(@gateway.order_counters(reload: true)).to eq({ new: 0, unconfirmed: 0, paid: 1, underpaid: 0, overpaid: 0, expired: 0 })
+      order = create(:order, gateway_id: @gateway.id)
+      expect(@gateway.order_counters(reload: true)).to eq({ new: 1, unconfirmed: 0, paid: 1, underpaid: 0, overpaid: 0, expired: 0 })
+      order.status = 1
+      expect(@gateway.order_counters(reload: true)).to eq({ new: 0, unconfirmed: 1, paid: 1, underpaid: 0, overpaid: 0, expired: 0 })
+      order.status = 5
+      expect(@gateway.order_counters(reload: true)).to eq({ new: 0, unconfirmed: 0, paid: 1, underpaid: 0, overpaid: 0, expired: 1 })
+    end
+
+    it "doesn't increment orders on status update unless the option is turned on (but no exception raised)" do
+      allow(StraightServer::Config).to receive(:count_orders).and_return(false)
+      allow_any_instance_of(StraightServer::Order).to receive(:transaction).and_return({ tid: 'xxx' })
+      allow(@gateway).to receive(:send_callback_http_request)
+      allow(@gateway).to receive(:send_order_to_websocket_client)
+      order = create(:order, gateway_id: @gateway.id)
+      expect(StraightServer::Config.redis[:connection].get("#{StraightServer::Config.redis[:prefix]}:gateway_#{@gateway.id}:new_orders_counter")).to be_nil
+    end
+
+  end
+
   describe "config based gateway" do
 
     it "loads all the gateways from the config file and assigns correct attributes" do
@@ -113,16 +169,23 @@ RSpec.describe StraightServer::Gateway do
       expect(File.read("#{ENV['HOME']}/.straight/default_last_keychain_id").to_i).to eq(1)
 
       expect(@gateway).to receive(:order_for_keychain_id).with(@order_for_keychain_id_args.merge({ keychain_id: 2})).once.and_return(@order_mock)
-      @gateway.create_order(amount: 1, signature: hmac_sha1(1, 'secret'), id: 1)
+      @gateway.create_order(amount: 1, signature: hmac_sha256(1, 'secret'), id: 1)
       expect(File.read("#{ENV['HOME']}/.straight/default_last_keychain_id").to_i).to eq(2)
     end
+    
+    it "searches for Gateway using regular ids when find_by_hashed_id method is called" do
+      expect(StraightServer::GatewayOnConfig.find_by_hashed_id(1)).not_to be_nil
+    end
 
   end
 
   describe "db based gateway" do
 
     before(:each) do
-      @gateway = StraightServer::GatewayOnDB.create(
+      # clean the database
+      DB.run("DELETE FROM gateways")
+
+      @gateway = StraightServer::GatewayOnDB.new(
         confirmations_required: 0,
         pubkey:      'xpub-000',
         order_class: 'StraightServer::Order',
@@ -134,21 +197,40 @@ RSpec.describe StraightServer::Gateway do
     end
     
     it "saves and retrieves last_keychain_id from the db" do
+      @gateway.save
       expect(DB[:gateways][:name => 'default'][:last_keychain_id]).to eq(0)
       @gateway.increment_last_keychain_id!
       expect(DB[:gateways][:name => 'default'][:last_keychain_id]).to eq(1)
 
       expect(@gateway).to receive(:order_for_keychain_id).with(@order_for_keychain_id_args.merge({ keychain_id: 2})).once.and_return(@order_mock)
-      @gateway.create_order(amount: 1, signature: hmac_sha1(1, 'secret'), id: 1)
+      @gateway.create_order(amount: 1, signature: hmac_sha256(1, 'secret'), id: 1)
       expect(DB[:gateways][:name => 'default'][:last_keychain_id]).to eq(2)
     end
 
+    it "encryptes and decrypts the gateway secret" do
+      expect(@gateway.send(:encrypt_secret)).to eq("96c1c24edff5c1c2:6THJEZqg+2qlDhtWE2Tytg==")
+      expect(@gateway.send(:decrypt_secret)).to eq("secret")
+      expect(@gateway.secret).to eq("secret")
+    end
+
+    it "finds orders using #find_by_id method which is essentially an alias for Gateway[]" do
+      @gateway.save
+      expect(StraightServer::GatewayOnDB.find_by_id(@gateway.id)).to eq(@gateway)
+    end
+
+    it "assigns hashed_id to gateway and then finds gateway using that value" do
+      @gateway.save
+      hashed_id = hmac_sha256(@gateway.id, 'global server secret')
+      expect(@gateway.hashed_id).to eq(hashed_id)
+      expect(StraightServer::GatewayOnDB.find_by_hashed_id(hashed_id)).to eq(@gateway)
+    end
+
   end
 
   describe "handling websockets" do
 
     before(:each) do
-      @gateway.instance_variable_set(:@websockets, {})
+      StraightServer::GatewayModule.class_variable_set(:@@websockets, { @gateway.id => {} })
       @ws = double("websocket mock")
       allow(@ws).to receive(:on).with(:close)
       allow(@order_mock).to receive(:id).and_return(1)
@@ -157,7 +239,7 @@ RSpec.describe StraightServer::Gateway do
 
     it "adds a new websocket for the order" do
       @gateway.add_websocket_for_order(@ws, @order_mock)
-      expect(@gateway.instance_variable_get(:@websockets)).to eq({ 1 => @ws})
+      expect(@gateway.websockets).to eq({1 => @ws})
     end
 
     it "sends a message to the websocket when status of the order is changed and closes the connection" do
@@ -182,10 +264,8 @@ RSpec.describe StraightServer::Gateway do
 
   end
 
-  def hmac_sha1(key, secret)
-    h = HMAC::SHA1.new('secret')
-    h << key.to_s
-    h.hexdigest
+  def hmac_sha256(key, secret)
+    OpenSSL::HMAC.digest('sha256', secret, key.to_s).unpack("H*").first
   end
 
 end