Class: ApiKey

Inherits:

ApplicationRecord

• Object
• ActiveRecord::Base
• ApplicationRecord
• ApiKey

Defined in:

app/models/api_key.rb

Overview

Represents an API key that can be used to authenticate API requests.

Class Method Summary

• .issue!(api_application:, expires_at: nil) ⇒ Object

  Issues a new active key.

Class Method Details

.issue!(api_application:, expires_at: nil) ⇒ Object

Issues a new active key. The plaintext key is a 256-bit random token returned once and never stored; only its SHA-256 hex digest is persisted.

Parameters:

• api_application (ApiApplication) —

  the application to associate the new key with

• expires_at (Time, nil) (defaults to: nil) —

  optional explicit expiry timestamp for the key

# File 'app/models/api_key.rb', line 17

def self.issue!(api_application:, expires_at: nil)
  plaintext_key = SecureRandom.hex(32) # 64-char hex, 256 bits of entropy

  api_key = create!(
    api_application: api_application,
    key_digest: Digest::SHA256.hexdigest(plaintext_key),
    status: :active,
    expires_at: expires_at
  )

  { api_key: api_key, plaintext_key: plaintext_key }
end