Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Use SSO for moderation portal #21

Closed
wants to merge 11 commits into from
Prev Previous commit
Next Next commit
Replace use of Authlogic token generator
The Authlogic gem uses SecureRandom.urlsafe_base64 internally but we can use
the SecureRandom.base58 method to restrict it to alphanumeric characters.
pixeltrix committed Jan 26, 2024
commit 5b7adff95051a1f55a04226918002b2870c95aef
2 changes: 1 addition & 1 deletion app/models/concerns/perishable_token_generator.rb
Original file line number Diff line number Diff line change
@@ -4,7 +4,7 @@ module PerishableTokenGenerator
class_methods do
def has_perishable_token(called: 'perishable_token')
before_create do
write_attribute(called, Authlogic::Random.friendly_token)
write_attribute(called, SecureRandom.base58(20))
end
end
end
4 changes: 2 additions & 2 deletions app/models/signature.rb
Original file line number Diff line number Diff line change
@@ -623,7 +623,7 @@ def validate!(now = Time.current, force: false, request: nil)
end

unless signed_token?
attributes[:signed_token] = Authlogic::Random.friendly_token
attributes[:signed_token] = SecureRandom.base58(20)
end

update_columns(attributes)
@@ -820,7 +820,7 @@ def generate_uuid
end

def generate_and_save_signed_token
token = Authlogic::Random.friendly_token
token = SecureRandom.base58(20)

retry_lock do
if signed_token?
2 changes: 1 addition & 1 deletion spec/factories.rb
Original file line number Diff line number Diff line change
@@ -223,7 +223,7 @@
location_code { "GB" }
ip_address { Faker::Internet.public_ip_v4_address }
state { Archived::Signature::VALIDATED_STATE }
unsubscribe_token { Authlogic::Random.friendly_token }
unsubscribe_token { SecureRandom.base58(20) }
notify_by_email { true }

trait :creator do
2 changes: 1 addition & 1 deletion spec/models/signature_spec.rb
Original file line number Diff line number Diff line change
@@ -2086,7 +2086,7 @@
end

context "when another process has updated the column" do
let(:token) { Authlogic::Random.friendly_token }
let(:token) { SecureRandom.base58(20) }

before do
signature.update_column(:signed_token, nil)