Add 'expire' to filter invalid tokens
parent
b535de690e
commit
ad20d6359b
2 changed files with 3 additions and 2 deletions
|
@ -4,7 +4,8 @@
|
|||
|
||||
CREATE TABLE public.nonces
|
||||
(
|
||||
nonce text
|
||||
nonce text,
|
||||
expire timestamp with time zone,
|
||||
)
|
||||
WITH (
|
||||
OIDS=FALSE
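Review bot: As rendered, the new `expire timestamp with time zone,` line ends in a comma and is followed directly by the closing `)`, which PostgreSQL rejects as a syntax error; drop the trailing comma unless a further column or constraint line is hidden from this view. Neither column carries a constraint in the visible lines, so the `ON CONFLICT DO NOTHING` on the insert in the second file has no unique key to act on, and a nonce row can be stored without an expiry. Consider `nonce text PRIMARY KEY,` and `expire timestamp with time zone NOT NULL`. The table definition continues past the end of the hunk.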
|
||||
|
|
|
@ -203,7 +203,7 @@ end
|
|||
def create_response(user_id, operation, key, db, expire = 6.hours)
|
||||
expire = Time.now + expire
|
||||
nonce = Random::Secure.hex(16)
|
||||
db.exec("INSERT INTO nonces VALUES ($1) ON CONFLICT DO NOTHING", nonce)
|
||||
db.exec("INSERT INTO nonces VALUES ($1, $2) ON CONFLICT DO NOTHING", nonce, expire)
|
||||
|
||||
challenge = "#{expire.to_unix}-#{nonce}-#{user_id}-#{operation}"
|
||||
token = OpenSSL::HMAC.digest(:sha256, key, challenge)
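Review bot: The new `INSERT INTO nonces VALUES ($1, $2)` binds by column position, so it silently depends on the table keeping `nonce` first and `expire` second; name the columns, `db.exec("INSERT INTO nonces (nonce, expire) VALUES ($1, $2) ON CONFLICT DO NOTHING", nonce, expire)`. The stored value is the full `Time` while the signed challenge carries `expire.to_unix`, i.e. whole seconds, so whatever check reads this column (not visible here) should compare at one precision, or the two expiries can disagree by a fraction of a second. create_response starts in this hunk but its body continues past the last shown line.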
|
||||
|
|