| 123456789101112131415161718192021222324252627282930313233343536373839 |
- class Token < ApplicationRecord
- # A Token contains some information that can be used as an alternative way to
- # authenticate a user, typically instead of a username/password combination.
- #
- # At least the following types of tokens will exist:
- # - Account confirmation tokens, sent to the user when their account is
- # created (to verify their email address)
- # - Password reset tokens
- # - API authentication tokens
- #
- # @!attribute token
- # @return [String]
- # a unique token, that allows the holder to perform some action.
- #
- # @!attribute expires
- # @return [DateTime]
- # when the token will expire (and will no longer be usable).
- #
- # @!attribute tokentype
- # @return [String]
- # what action the token allows the holder to perform. Use the hash
- # Token::TYPES instead of comparing directly!
- #
- # @!attribute user
- # @return [User]
- # what user the token allows the holder to authenticate as.
- TYPES = {
- password_reset: 'pw_reset',
- account_confirmation: 'confirm',
- api_authentication: 'api'
- }
- validates :token, uniqueness: true, presence: true
- validates :user, presence: true
- belongs_to :user
- end
|
