2013-02-05 14:16:51 -05:00
class EmailToken < ActiveRecord :: Base
belongs_to :user
validates_presence_of :token
validates_presence_of :user_id
validates_presence_of :email
2013-02-28 13:54:12 -05:00
before_validation ( on : :create ) do
2013-02-05 14:16:51 -05:00
self . token = EmailToken . generate_token
end
after_create do
# Expire the previous tokens
2013-07-01 14:45:52 -04:00
EmailToken . where ( [ 'user_id = ? and id != ?' , self . user_id , self . id ] ) . update_all 'expired = true'
2013-02-05 14:16:51 -05:00
end
def self . token_length
16
end
def self . valid_after
2014-07-01 19:08:25 -04:00
SiteSetting . email_token_valid_hours . hours . ago
2014-03-04 14:03:04 -05:00
end
def self . confirm_valid_after
2014-07-01 19:08:25 -04:00
SiteSetting . email_token_grace_period_hours . ago
2013-02-05 14:16:51 -05:00
end
2013-02-22 11:49:48 -05:00
def self . unconfirmed
where ( confirmed : false )
end
def self . active
2013-02-22 15:19:44 -05:00
where ( expired : false ) . where ( 'created_at > ?' , valid_after )
2013-02-22 11:49:48 -05:00
end
2013-02-05 14:16:51 -05:00
def self . generate_token
SecureRandom . hex ( EmailToken . token_length )
end
def self . confirm ( token )
return unless token . present?
return unless token . length / 2 == EmailToken . token_length
2014-03-04 14:03:04 -05:00
email_token = EmailToken . where ( " token = ? and expired = FALSE AND ((NOT confirmed AND created_at >= ?) OR (confirmed AND created_at >= ?)) " , token , EmailToken . valid_after , EmailToken . confirm_valid_after ) . includes ( :user ) . first
2013-02-05 14:16:51 -05:00
return if email_token . blank?
user = email_token . user
User . transaction do
2013-07-01 14:45:52 -04:00
row_count = EmailToken . where ( id : email_token . id , expired : false ) . update_all 'confirmed = true'
2013-02-05 14:16:51 -05:00
if row_count == 1
# If we are activating the user, send the welcome message
user . send_welcome_message = ! user . active?
user . active = true
user . email = email_token . email
user . save!
end
end
user
rescue ActiveRecord :: RecordInvalid
# If the user's email is already taken, just return nil (failure)
end
end
2013-05-23 22:48:32 -04:00
# == Schema Information
#
# Table name: email_tokens
#
# id :integer not null, primary key
# user_id :integer not null
# email :string(255) not null
# token :string(255) not null
# confirmed :boolean default(FALSE), not null
# expired :boolean default(FALSE), not null
2014-05-27 21:49:50 -04:00
# created_at :datetime
# updated_at :datetime
2013-05-23 22:48:32 -04:00
#
# Indexes
#
# index_email_tokens_on_token (token) UNIQUE
#