diff options
Diffstat (limited to 'app/services/users/email_verification/validate_token_service.rb')
-rw-r--r-- | app/services/users/email_verification/validate_token_service.rb | 78 |
1 files changed, 78 insertions, 0 deletions
diff --git a/app/services/users/email_verification/validate_token_service.rb b/app/services/users/email_verification/validate_token_service.rb new file mode 100644 index 00000000000..b1b34e94f49 --- /dev/null +++ b/app/services/users/email_verification/validate_token_service.rb @@ -0,0 +1,78 @@ +# frozen_string_literal: true + +module Users + module EmailVerification + class ValidateTokenService < EmailVerification::BaseService + include ActionView::Helpers::DateHelper + + TOKEN_VALID_FOR_MINUTES = 60 + + def initialize(attr:, user:, token:) + super(attr: attr) + + @user = user + @token = token + end + + def execute + return failure(:rate_limited) if verification_rate_limited? + return failure(:invalid) unless valid? + return failure(:expired) if expired_token? + + success + end + + private + + attr_reader :user + + def verification_rate_limited? + Gitlab::ApplicationRateLimiter.throttled?(:email_verification, scope: user[attr]) + end + + def valid? + return false unless token.present? + + Devise.secure_compare(user[attr], digest) + end + + def expired_token? + generated_at = case attr + when :unlock_token then user.locked_at + when :confirmation_token then user.confirmation_sent_at + end + + generated_at < TOKEN_VALID_FOR_MINUTES.minutes.ago + end + + def success + { status: :success } + end + + def failure(reason) + { + status: :failure, + reason: reason, + message: failure_message(reason) + } + end + + def failure_message(reason) + case reason + when :rate_limited + format(s_("IdentityVerification|You've reached the maximum amount of tries. "\ + 'Wait %{interval} or send a new code and try again.'), interval: email_verification_interval) + when :expired + s_('IdentityVerification|The code has expired. Send a new code and try again.') + when :invalid + s_('IdentityVerification|The code is incorrect. Enter it again, or send a new code.') + end + end + + def email_verification_interval + interval_in_seconds = Gitlab::ApplicationRateLimiter.rate_limits[:email_verification][:interval] + distance_of_time_in_words(interval_in_seconds) + end + end + end +end |