Add helper generate and validate token (#3907)

* Added is_verified column to users with default value false * added helper functions for generation and validation of tokens * Delete 20181103114645_add_is_verified_to_users.rb * Minor code fixes * Added tests for implemented helper functions * Added failing tests for helper functions * Added test to make sure that a token is not validated 24 hours after gen * Code quality changes
publiclab · Nov 9, 2018 · 788ff6f · 788ff6f
1 parent f7856e7
commit 788ff6f
Show file tree

Hide file tree

Showing 2 changed files with 47 additions and 0 deletions.
diff --git a/app/models/user.rb b/app/models/user.rb
@@ -7,6 +7,7 @@ def validate(record)
 end
 
 class User < ActiveRecord::Base
+  include Utils
   self.table_name = 'rusers'
   alias_attribute :name, :username
 
@@ -416,6 +417,22 @@ def customize_digest(type)
     end
   end
 
+  def generate_token
+    user_id_and_time = { :id => id, :timestamp => Time.now }
+    encrypt(user_id_and_time)
+  end
+
+  def validate_token(token)
+    decrypted_data = decrypt(token)
+    if id != decrypted_data[:id]
+      return false
+    elsif (Time.now - decrypted_data[:timestamp]) / 1.hour > 24.0
+      return false
+    else
+      return true
+    end
+  end
+
   private
 
   def map_openid_registration(registration)

diff --git a/test/unit/user_test.rb b/test/unit/user_test.rb
@@ -1,6 +1,7 @@
 require 'test_helper'
 
 class UserTest < ActiveSupport::TestCase
+  include Utils
   test 'user creation' do
     user = User.new(username: 'chris',
                     password: 'godzillas',
@@ -220,4 +221,33 @@ class UserTest < ActiveSupport::TestCase
     #as the username as "jeff" exists, hence username = "jeff" + 2 digit alphanumeric code will be created
     assert_not_equal jeffrey.username, "jeff"
   end
+
+  test 'generate token and validate token correctness test' do
+    user_obj = User.first
+    generated_token = user_obj.generate_token
+    assert_equal user_obj.validate_token(generated_token), true
+  end
+
+  test 'do not verify users email if the token is not generated for him' do
+    all_users = User.where("id<?", 3)
+    generated_token = all_users[0].generate_token
+    if all_users.length > 1
+      assert_not_equal all_users[1].validate_token(generated_token), true
+    end
+  end
+
+  test 'raise exception upon invalid token' do
+    user_obj = User.first
+    generated_token = user_obj.generate_token
+    generated_token = generated_token[2,generated_token.length]
+    assert_raise do
+      user_obj.validate_token(generated_token)
+    end
+  end
+
+  test 'do not validate email if token has expired' do
+    user_obj = User.first
+    assert_not_equal user_obj.validate_token(encrypt({:id => user_obj.id, :timestamp => Time.now - (24*60*60+1)})), true
+  end
+
 end