Class: StandardId::RefreshToken

Inherits:

ApplicationRecord

• Object
• ActiveRecord::Base
• ApplicationRecord
• StandardId::RefreshToken

Defined in:

app/models/standard_id/refresh_token.rb

Class Method Summary

• .digest_for(jti) ⇒ Object
• .find_by_jti(jti) ⇒ Object

Instance Method Summary

• #active? ⇒ Boolean
• #expired? ⇒ Boolean
• #revoke! ⇒ Object
• #revoke_family! ⇒ Object

  Revoke this token and all tokens in the same family chain.

• #revoked? ⇒ Boolean

Class Method Details

.digest_for(jti) ⇒ Object

# File 'app/models/standard_id/refresh_token.rb', line 16

def self.digest_for(jti)
  Digest::SHA256.hexdigest(jti)
end

.find_by_jti(jti) ⇒ Object

# File 'app/models/standard_id/refresh_token.rb', line 20

def self.find_by_jti(jti)
  find_by(token_digest: digest_for(jti))
end

Instance Method Details

#active? ⇒ Boolean

Returns:

• (Boolean)

# File 'app/models/standard_id/refresh_token.rb', line 24

def active?
  !revoked? && !expired?
end

#expired? ⇒ Boolean

Returns:

• (Boolean)

# File 'app/models/standard_id/refresh_token.rb', line 28

def expired?
  expires_at <= Time.current
end

#revoke! ⇒ Object

# File 'app/models/standard_id/refresh_token.rb', line 36

def revoke!
  rows = self.class.where(id: id, revoked_at: nil).update_all(revoked_at: Time.current)
  reload if rows > 0
end

#revoke_family! ⇒ Object

Revoke this token and all tokens in the same family chain. A “family” is all tokens linked via previous_token_id. Only revokes tokens that aren’t already revoked, preserving historical revoked_at timestamps for audit purposes.

# File 'app/models/standard_id/refresh_token.rb', line 45

def revoke_family!
  family_tokens.where(revoked_at: nil).update_all(revoked_at: Time.current)
end

#revoked? ⇒ Boolean

Returns:

• (Boolean)

# File 'app/models/standard_id/refresh_token.rb', line 32

def revoked?
  revoked_at.present?
end