Class: Dscf::Core::AuthService

Inherits:
Object
  • Object
show all
Defined in:
app/services/dscf/core/auth_service.rb

Class Method Summary collapse

Class Method Details

.authenticate_user(email_or_phone, password) ⇒ Object 



7
8
9
10
11
12
 
# File 'app/services/dscf/core/auth_service.rb', line 7

def authenticate_user(email_or_phone, password)
  user = find_user_by_email_or_phone(email_or_phone)
  return nil unless user&.authenticate(password)

  user
end

.generate_auth_tokens(user, request) ⇒ Object 



14
15
16
17
18
19
20
21
22
23
 
# File 'app/services/dscf/core/auth_service.rb', line 14

def generate_auth_tokens(user, request)
  access_token = TokenService.issue(TokenService.access_token_payload(user))
  refresh_token = create_refresh_token(user, request)

  {
    access_token: access_token,
    refresh_token: refresh_token,
    user: user
  }
end

.refresh_access_token(refresh_token_value, request) ⇒ Object 



25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
 
# File 'app/services/dscf/core/auth_service.rb', line 25

def refresh_access_token(refresh_token_value, request)
  refresh_token = RefreshToken.active.find_by(refresh_token: refresh_token_value)
  return nil unless refresh_token

  # Validate device and IP for security
  if refresh_token.ip_address != request.remote_ip
    refresh_token.destroy
    raise AuthenticationError, "Token compromised - IP address changed"
  end

  user = refresh_token.user
  access_token = TokenService.issue(TokenService.access_token_payload(user))

  {
    access_token: access_token,
    user: user
  }
end

.revoke_all_user_tokens(user) ⇒ Object 



48
49
50
 
# File 'app/services/dscf/core/auth_service.rb', line 48

def revoke_all_user_tokens(user)
  user.refresh_tokens.destroy_all
end

.revoke_refresh_token(token_value) ⇒ Object 



44
45
46
 
# File 'app/services/dscf/core/auth_service.rb', line 44

def revoke_refresh_token(token_value)
  RefreshToken.find_by(refresh_token: token_value)&.destroy
end