From 7b935a6486307d111758e9ebec4dc9766856bce7 Mon Sep 17 00:00:00 2001 From: simon lehericey Date: Thu, 3 Jan 2019 16:16:23 +0100 Subject: [PATCH] login_token: lets constantize --- app/models/gestionnaire.rb | 4 +++- spec/models/gestionnaire_spec.rb | 2 +- 2 files changed, 4 insertions(+), 2 deletions(-) diff --git a/app/models/gestionnaire.rb b/app/models/gestionnaire.rb index dab20d0ac..9b6a8ece8 100644 --- a/app/models/gestionnaire.rb +++ b/app/models/gestionnaire.rb @@ -3,6 +3,8 @@ class Gestionnaire < ApplicationRecord include EmailSanitizableConcern include ActiveRecord::SecureToken + LOGIN_TOKEN_VALIDITY = 30.minutes + devise :database_authenticatable, :registerable, :async, :recoverable, :rememberable, :trackable, :validatable @@ -141,7 +143,7 @@ class Gestionnaire < ApplicationRecord def login_token_valid?(login_token) BCrypt::Password.new(encrypted_login_token) == login_token && - 30.minutes.ago < login_token_created_at + LOGIN_TOKEN_VALIDITY.ago < login_token_created_at rescue BCrypt::Errors::InvalidHash false end diff --git a/spec/models/gestionnaire_spec.rb b/spec/models/gestionnaire_spec.rb index b16eda588..adf65f7b6 100644 --- a/spec/models/gestionnaire_spec.rb +++ b/spec/models/gestionnaire_spec.rb @@ -401,7 +401,7 @@ describe Gestionnaire, type: :model do it { expect(gestionnaire.login_token_valid?('bad_token')).to be false } context 'when the token as expired' do - before { gestionnaire.update(login_token_created_at: 31.minutes.ago) } + before { gestionnaire.update(login_token_created_at: (Gestionnaire::LOGIN_TOKEN_VALIDITY + 1.minute).ago) } it { expect(gestionnaire.login_token_valid?(good_token)).to be false } end