eBooru/app/logical/session_creator.rb

# frozen_string_literal: true

class SessionCreator
  attr_reader :request, :session, :cookies, :name, :password, :remember

  def initialize(request, session, cookies, name, password, remember = false)
    @request = request
    @session = session
    @cookies = cookies
    @name = name
    @password = password
    @remember = remember
  end

  def authenticate
    if User.authenticate(name, password)
      user = User.find_by_name(name)

      session[:user_id] = user.id
      session[:last_authenticated_at] = Time.now.utc.to_s
      session[:ph] = user.password_token
      user.update_column(:last_ip_addr, request.remote_ip) unless user.is_blocked?

      if remember
        verifier = ActiveSupport::MessageVerifier.new(Danbooru.config.remember_key, serializer: JSON, digest: "SHA256")
        cookies.encrypted[:remember] = { value: verifier.generate("#{user.id}:#{user.password_token}", purpose: "rbr", expires_in: 14.days), expires: Time.now + 14.days, httponly: true, same_site: :lax, secure: Rails.env.production? }
      end
      return true
    else
      return false
    end
  end
end
[RuboCop] Enable `Style/FrozenStringLiteralComment` This reduces allocations on the posts page by about 5%, from basic testing 2024-02-25 12:15:55 -05:00			`# frozen_string_literal: true`

refactored login process, added remember option for login 2011-10-15 16:36:07 -04:00			`class SessionCreator`
[Users] Consolidate password confirmation into singular route (#813) 2024-12-18 09:02:02 -05:00			`attr_reader :request, :session, :cookies, :name, :password, :remember`
Kill trailing whitespace in ruby files 2013-03-19 08:10:10 -04:00
[Users] Consolidate password confirmation into singular route (#813) 2024-12-18 09:02:02 -05:00			`def initialize(request, session, cookies, name, password, remember = false)`
			`@request = request`
refactored login process, added remember option for login 2011-10-15 16:36:07 -04:00			`@session = session`
			`@cookies = cookies`
			`@name = name`
			`@password = password`
			`@remember = remember`
			`end`
Kill trailing whitespace in ruby files 2013-03-19 08:10:10 -04:00
refactored login process, added remember option for login 2011-10-15 16:36:07 -04:00			`def authenticate`
			`if User.authenticate(name, password)`
			`user = User.find_by_name(name)`
Kill trailing whitespace in ruby files 2013-03-19 08:10:10 -04:00
refactored login process, added remember option for login 2011-10-15 16:36:07 -04:00			`session[:user_id] = user.id`
[Users] Consolidate password confirmation into singular route (#813) 2024-12-18 09:02:02 -05:00			`session[:last_authenticated_at] = Time.now.utc.to_s`
[Auth] Prevent infinite sessions. Prevents sessions from persisting beyond password changes. 2021-12-18 06:36:19 -05:00			`session[:ph] = user.password_token`
[Users] Consolidate password confirmation into singular route (#813) 2024-12-18 09:02:02 -05:00			`user.update_column(:last_ip_addr, request.remote_ip) unless user.is_blocked?`
Add session remember support 2019-10-31 09:41:21 -04:00
Better remember support 2020-04-12 22:08:33 -04:00			`if remember`
[Tests] Update tests and fix deprecations 2021-02-13 03:59:14 -05:00			`verifier = ActiveSupport::MessageVerifier.new(Danbooru.config.remember_key, serializer: JSON, digest: "SHA256")`
[Users] Consolidate password confirmation into singular route (#813) 2024-12-18 09:02:02 -05:00			`cookies.encrypted[:remember] = { value: verifier.generate("#{user.id}:#{user.password_token}", purpose: "rbr", expires_in: 14.days), expires: Time.now + 14.days, httponly: true, same_site: :lax, secure: Rails.env.production? }`
Better remember support 2020-04-12 22:08:33 -04:00			`end`
refactored login process, added remember option for login 2011-10-15 16:36:07 -04:00			`return true`
			`else`
			`return false`
			`end`
			`end`
			`end`