Commit 6da0542a authored by Jean-Philippe Lang's avatar Jean-Philippe Lang

Delete previous tokens when creating a new one.

git-svn-id: svn+ssh://rubyforge.org/var/svn/redmine/trunk@2778 e93f8b46-1217-0410-a6f0-8f06a7374b81
parent 62e58f26
# redMine - project management software # Redmine - project management software
# Copyright (C) 2006 Jean-Philippe Lang # Copyright (C) 2006-2009 Jean-Philippe Lang
# #
# This program is free software; you can redistribute it and/or # This program is free software; you can redistribute it and/or
# modify it under the terms of the GNU General Public License # modify it under the terms of the GNU General Public License
...@@ -19,6 +19,8 @@ class Token < ActiveRecord::Base ...@@ -19,6 +19,8 @@ class Token < ActiveRecord::Base
belongs_to :user belongs_to :user
validates_uniqueness_of :value validates_uniqueness_of :value
before_create :delete_previous_tokens
@@validity_time = 1.day @@validity_time = 1.day
def before_create def before_create
...@@ -39,4 +41,11 @@ private ...@@ -39,4 +41,11 @@ private
def self.generate_token_value def self.generate_token_value
ActiveSupport::SecureRandom.hex(20) ActiveSupport::SecureRandom.hex(20)
end end
# Removes obsolete tokens (same user and action)
def delete_previous_tokens
if user
Token.delete_all(['user_id = ? AND action = ?', user.id, action])
end
end
end end
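Review bot: The one-live-token-per-user-and-action rule that `delete_previous_tokens` introduces is enforced only by this callback, so two concurrent creates for the same user and action can each run the `delete_all` before either row is inserted, leaving two valid tokens. If the schema (not visible on this page) has no unique index on `(user_id, action)`, adding one would make the database enforce the rule. The `if user` guard also means tokens created without a user are never cleaned up here. It would help to say so in the comment, for example `# Revokes all earlier tokens for the same user and action; tokens without a user are left untouched`. The class body starts and continues outside the hunks shown, so how this interacts with the existing `def before_create` cannot be checked from here.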
# redMine - project management software # Redmine - project management software
# Copyright (C) 2006-2007 Jean-Philippe Lang # Copyright (C) 2006-2009 Jean-Philippe Lang
# #
# This program is free software; you can redistribute it and/or # This program is free software; you can redistribute it and/or
# modify it under the terms of the GNU General Public License # modify it under the terms of the GNU General Public License
...@@ -26,4 +26,13 @@ class TokenTest < Test::Unit::TestCase ...@@ -26,4 +26,13 @@ class TokenTest < Test::Unit::TestCase
assert_equal 40, token.value.length assert_equal 40, token.value.length
assert !token.expired? assert !token.expired?
end end
def test_create_should_remove_existing_tokens
user = User.find(1)
t1 = Token.create(:user => user, :action => 'autologin')
t2 = Token.create(:user => user, :action => 'autologin')
assert_not_equal t1.value, t2.value
assert !Token.exists?(t1.id)
assert Token.exists?(t2.id)
end
end end
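Review bot: `test_create_should_remove_existing_tokens` only checks the same-user, same-action case, so it would still pass if the `delete_all` condition were widened to remove every token for the user, or every token for the action. Since this callback is what revokes credentials such as `autologin` tokens, the scoping deserves its own assertions. Create a token with a different action and one for a different user before `t2`, then assert both still exist afterwards, e.g. `other = Token.create(:user => user, :action => 'feeds')` followed by `assert Token.exists?(other.id)`. The test class starts outside the hunk.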