Module: Dscf::Core::TokenAuthenticatable

Extended by:
ActiveSupport::Concern
Included in:
ApplicationController
Defined in:
app/controllers/concerns/dscf/core/token_authenticatable.rb


Instance Method Details

#require_valid_refresh_token ⇒ Object



# File 'app/controllers/concerns/dscf/core/token_authenticatable.rb', line 38

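# Guard that raises unless the refresh token submitted with the request
# matches an active RefreshToken record.
#
# Only the existence of an active record with this value is checked here; this
# method does not tie the token to a particular user or device.
#
# @return [nil] when an active record matches the submitted token
# @raise [AuthenticationError] when the token is missing, is not a non-empty
#   String, or matches no active record
def require_valid_refresh_token
  refresh_token_value = extract_refresh_token_from_params

  # Request parameters can arrive as arrays or hashes as well as strings, and
  # an array passed to exists? is matched as a set of values rather than one.
  # Accept only a single non-empty String so exactly one candidate is checked
  # per request. (extract_refresh_token_from_params is defined outside this
  # listing and may already enforce this - the check here is defence in depth.)
  single_token = refresh_token_value.is_a?(String) && !refresh_token_value.empty?
  return if single_token && RefreshToken.active.exists?(refresh_token: refresh_token_value)

  # NOTE(review): the lookup compares the submitted value directly with the
  # refresh_token column, which suggests tokens are stored unhashed - confirm
  # against the RefreshToken model; storing a digest would limit the impact of
  # a database read exposure.
  raise AuthenticationError, "Valid refresh token required"
end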

#validate_device_consistency ⇒ Object



# File 'app/controllers/concerns/dscf/core/token_authenticatable.rb', line 28

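# Checks whether the device_id sent with the request belongs to one of the
# current user's active refresh tokens, and logs a warning when it does not.
#
# The check is advisory: a mismatch is logged but the request is neither
# rejected nor interrupted by this method. Callers that need enforcement must
# add it themselves.
#
# @return [Object, nil] nil when there is no current user, no device_id, or a
#   matching active token; otherwise whatever Rails.logger.warn returns
def validate_device_consistency
  return unless current_user

  device_id = request.params[:device_id]
  return unless device_id

  return if current_user.refresh_tokens.active.find_by(device: device_id)

  # Device mismatch - could indicate suspicious activity.
  # device_id is client-controlled, so it is logged in its inspect form
  # (newlines and control characters escaped) and capped in length; the raw
  # value could otherwise inject forged lines into the log or bloat it.
  Rails.logger.warn("Device mismatch for user #{current_user.id}: #{device_id.inspect[0, 128]}")
end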

#validate_token_expiry ⇒ Object



# File 'app/controllers/concerns/dscf/core/token_authenticatable.rb', line 11

# Decodes the access token from the request header and logs an info line when
# its "exp" claim is less than 300 seconds (5 minutes) away.
#
# Does nothing when there is no current user, no access token in the header,
# or when TokenService.decode returns a falsy payload.
#
# Any AuthenticationError raised inside the method is routed to
# handle_expired_token.
# NOTE(review): the rescue is not limited to expiry - if TokenService.decode
# raises AuthenticationError for other failures (bad signature, malformed
# token), those are also reported as "expired"; confirm that is intended.
#
# @return [Object, nil] the logger's return value when a near-expiry line is
#   written, the result of handle_expired_token on AuthenticationError,
#   otherwise nil
def validate_token_expiry
  return unless current_user

  bearer = extract_access_token_from_header
  claims = bearer && TokenService.decode(bearer)
  return unless claims

  # "exp" is compared with the current epoch time in seconds.
  expires_at = claims["exp"]
  seconds_left = expires_at && expires_at - Time.current.to_i
  Rails.logger.info("Access token close to expiry for user #{current_user.id}") if seconds_left && seconds_left < 300
rescue AuthenticationError
  handle_expired_token
end