2013-02-05 13:16:51 -06:00
class EmailToken < ActiveRecord :: Base
belongs_to :user
validates_presence_of :token
validates_presence_of :user_id
validates_presence_of :email
2013-02-28 12:54:12 -06:00
before_validation ( on : :create ) do
2013-02-05 13:16:51 -06:00
self . token = EmailToken . generate_token
2014-07-14 09:16:24 -05:00
self . email = self . email . downcase if self . email
2013-02-05 13:16:51 -06:00
end
after_create do
# Expire the previous tokens
2013-07-01 13:45:52 -05:00
EmailToken . where ( [ 'user_id = ? and id != ?' , self . user_id , self . id ] ) . update_all 'expired = true'
2013-02-05 13:16:51 -06:00
end
def self . token_length
16
end
def self . valid_after
2014-07-01 18:08:25 -05:00
SiteSetting . email_token_valid_hours . hours . ago
2014-03-04 13:03:04 -06:00
end
def self . confirm_valid_after
2014-07-01 18:08:25 -05:00
SiteSetting . email_token_grace_period_hours . ago
2013-02-05 13:16:51 -06:00
end
2013-02-22 10:49:48 -06:00
def self . unconfirmed
where ( confirmed : false )
end
def self . active
2013-02-22 14:19:44 -06:00
where ( expired : false ) . where ( 'created_at > ?' , valid_after )
2013-02-22 10:49:48 -06:00
end
2013-02-05 13:16:51 -06:00
def self . generate_token
SecureRandom . hex ( EmailToken . token_length )
end
2014-08-25 14:30:52 -05:00
def self . valid_token_format? ( token )
return token . present? && token =~ / [a-f0-9]{ #{ token . length / 2 } } /i
end
2013-02-05 13:16:51 -06:00
def self . confirm ( token )
2014-08-25 14:30:52 -05:00
return unless valid_token_format? ( token )
2013-02-05 13:16:51 -06:00
2014-03-04 13:03:04 -06:00
email_token = EmailToken . where ( " token = ? and expired = FALSE AND ((NOT confirmed AND created_at >= ?) OR (confirmed AND created_at >= ?)) " , token , EmailToken . valid_after , EmailToken . confirm_valid_after ) . includes ( :user ) . first
2013-02-05 13:16:51 -06:00
return if email_token . blank?
user = email_token . user
User . transaction do
2013-07-01 13:45:52 -05:00
row_count = EmailToken . where ( id : email_token . id , expired : false ) . update_all 'confirmed = true'
2013-02-05 13:16:51 -06:00
if row_count == 1
# If we are activating the user, send the welcome message
user . send_welcome_message = ! user . active?
user . active = true
user . email = email_token . email
user . save!
end
end
2014-07-03 15:06:49 -05:00
# redeem invite, if available
Invite . redeem_from_email ( user . email )
2013-02-05 13:16:51 -06:00
user
rescue ActiveRecord :: RecordInvalid
# If the user's email is already taken, just return nil (failure)
end
end
2013-05-23 21:48:32 -05:00
# == Schema Information
#
# Table name: email_tokens
#
# id :integer not null, primary key
# user_id :integer not null
# email :string(255) not null
# token :string(255) not null
# confirmed :boolean default(FALSE), not null
# expired :boolean default(FALSE), not null
2014-05-27 20:49:50 -05:00
# created_at :datetime
# updated_at :datetime
2013-05-23 21:48:32 -05:00
#
# Indexes
#
2014-08-22 12:01:44 -05:00
# index_email_tokens_on_token (token) UNIQUE
# index_email_tokens_on_user_id (user_id)
2013-05-23 21:48:32 -05:00
#