Encrypt access_token and refresh_token
This commit is contained in:
parent
4b0a054596
commit
73ccddee94
5
Gemfile
5
Gemfile
@ -21,9 +21,12 @@ gem 'jbuilder'
|
||||
# Reduces boot times through caching; required in config/boot.rb
|
||||
gem 'bootsnap', '>= 1.4.2', require: false
|
||||
|
||||
gem 'lockbox'
|
||||
|
||||
# gem 'airrecord'
|
||||
gem 'google-api-client'
|
||||
gem 'rack-cors'
|
||||
gem "sentry-raven"
|
||||
gem 'sentry-raven'
|
||||
|
||||
group :development, :test do
|
||||
# Call 'byebug' anywhere in the code to stop execution and get a debugger console
|
||||
|
@ -100,6 +100,7 @@ GEM
|
||||
listen (3.2.1)
|
||||
rb-fsevent (~> 0.10, >= 0.10.3)
|
||||
rb-inotify (~> 0.9, >= 0.9.10)
|
||||
lockbox (0.3.4)
|
||||
loofah (2.5.0)
|
||||
crass (~> 1.0.2)
|
||||
nokogiri (>= 1.5.9)
|
||||
@ -224,6 +225,7 @@ DEPENDENCIES
|
||||
google-api-client
|
||||
jbuilder
|
||||
listen
|
||||
lockbox
|
||||
pg
|
||||
puma
|
||||
rack-cors
|
||||
|
@ -1,6 +1,9 @@
|
||||
class Authentication < ApplicationRecord
|
||||
belongs_to :user
|
||||
|
||||
encrypts :access_token
|
||||
encrypts :refresh_token
|
||||
|
||||
def expired?
|
||||
expires_at <= Time.current
|
||||
end
|
||||
|
8
db/migrate/20200408212150_add_lockbox_columns.rb
Normal file
8
db/migrate/20200408212150_add_lockbox_columns.rb
Normal file
@ -0,0 +1,8 @@
|
||||
class AddLockboxColumns < ActiveRecord::Migration[6.0]
|
||||
def change
|
||||
add_column :authentications, :access_token_ciphertext, :text
|
||||
add_column :authentications, :refresh_token_ciphertext, :text
|
||||
remove_column :authentications, :access_token
|
||||
remove_column :authentications, :refresh_token
|
||||
end
|
||||
end
|
@ -10,7 +10,7 @@
|
||||
#
|
||||
# It's strongly recommended that you check this file into your version control system.
|
||||
|
||||
ActiveRecord::Schema.define(version: 2020_04_05_161905) do
|
||||
ActiveRecord::Schema.define(version: 2020_04_08_212150) do
|
||||
|
||||
# These are extensions that must be enabled in order to support this database
|
||||
enable_extension "plpgsql"
|
||||
|
@ -1,3 +1,4 @@
|
||||
GOOGLE_CLIENT_ID=clientid
|
||||
GOOGLE_CLIENT_SECRET=secret
|
||||
GOOGLE_PROJECT_ID=projectid
|
||||
LOCKBOX_MASTER_KEY=f7b18b63d3f7ec48fa78bab327cdf81b0969020f70dc16947b14572cde3e2b7d
|
||||
|
Loading…
x
Reference in New Issue
Block a user