login_token: lets constantize

This commit is contained in:
simon lehericey 2019-01-03 16:16:23 +01:00 committed by Pierre de La Morinerie
parent 5daa565a80
commit 7b935a6486
2 changed files with 4 additions and 2 deletions

View file

@ -3,6 +3,8 @@ class Gestionnaire < ApplicationRecord
include EmailSanitizableConcern
include ActiveRecord::SecureToken
LOGIN_TOKEN_VALIDITY = 30.minutes
devise :database_authenticatable, :registerable, :async,
:recoverable, :rememberable, :trackable, :validatable
@ -141,7 +143,7 @@ class Gestionnaire < ApplicationRecord
def login_token_valid?(login_token)
BCrypt::Password.new(encrypted_login_token) == login_token &&
30.minutes.ago < login_token_created_at
LOGIN_TOKEN_VALIDITY.ago < login_token_created_at
rescue BCrypt::Errors::InvalidHash
false
end

View file

@ -401,7 +401,7 @@ describe Gestionnaire, type: :model do
it { expect(gestionnaire.login_token_valid?('bad_token')).to be false }
context 'when the token as expired' do
before { gestionnaire.update(login_token_created_at: 31.minutes.ago) }
before { gestionnaire.update(login_token_created_at: (Gestionnaire::LOGIN_TOKEN_VALIDITY + 1.minute).ago) }
it { expect(gestionnaire.login_token_valid?(good_token)).to be false }
end