jcs.org
An unofficial, mostly Bitwarden-compatible API server written in Ruby (Sinatra and ActiveRecord)
1#
2# Copyright (c) 2017 joshua stein <jcs@jcs.org>
3#
4# Permission to use, copy, modify, and distribute this software for any
5# purpose with or without fee is hereby granted, provided that the above
6# copyright notice and this permission notice appear in all copies.
7#
8# THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
9# WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
10# MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR
11# ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
12# WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
13# ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
14# OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
15#
16
17class Device < DBModel
18 self.table_name = "devices"
19 #set_primary_key "uuid"
20
21 before_create :generate_uuid_primary_key
22
23 belongs_to :user, foreign_key: :user_uuid, inverse_of: :devices
24
25 DEFAULT_TOKEN_VALIDITY = (60 * 60)
26
27 def regenerate_tokens!(validity = DEFAULT_TOKEN_VALIDITY)
28 if self.refresh_token.blank?
29 self.refresh_token = SecureRandom.urlsafe_base64(64)[0, 64]
30 end
31
32 self.token_expires_at = Time.now + validity
33
34 # the official clients parse this JWT and checks for the existence of some
35 # of these fields
36 self.access_token = Bitwarden::Token.sign({
37 :nbf => (Time.now - (60 * 2)).to_i,
38 :exp => self.token_expires_at.to_i,
39 :iss => IDENTITY_BASE_URL,
40 :sub => self.user.uuid,
41 :premium => self.user.premium,
42 :name => self.user.name,
43 :email => self.user.email,
44 :email_verified => self.user.email_verified,
45 :sstamp => self.user.security_stamp,
46 :device => self.uuid,
47 :scope => [ "api", "offline_access" ],
48 :amr => [ "Application" ],
49 })
50 end
51end