expose user's api key as api_token field on sessions

2019-10-07 13:54:52 -07:00
parent 4e630f50cc
commit 62a1aeabce
3 changed files with 24 additions and 7 deletions
--- a/app/logical/session_creator.rb
+++ b/app/logical/session_creator.rb
@@ -1,5 +1,6 @@
 class SessionCreator
  attr_reader :session, :cookies, :name, :password, :ip_addr, :remember, :secure
+  attr_reader :user

  def initialize(session, cookies, name, password, ip_addr, remember = false, secure = false)
    @session = session
@@ -13,23 +14,23 @@ class SessionCreator

  def authenticate
    if User.authenticate(name, password)
-      user = User.find_by_name(name)
+      @user = User.find_by_name(name)

      if remember.present?
        cookies.permanent.signed[:user_name] = {
-          :value => user.name,
+          :value => @user.name,
          :secure => secure,
          :httponly => true
        }
        cookies.permanent[:password_hash] = {
-          :value => user.bcrypt_cookie_password_hash,
+          :value => @user.bcrypt_cookie_password_hash,
          :secure => secure,
          :httponly => true
        }
      end

-      session[:user_id] = user.id
-      user.update_column(:last_ip_addr, ip_addr)
+      session[:user_id] = @user.id
+      @user.update_column(:last_ip_addr, ip_addr)
      return true
    else
      return false