This repository has been archived on 2024-07-22. You can view files and clone it, but cannot push or open issues or pull requests.
2020-06-02 10:24:53 -07:00
|
|
|
# frozen_string_literal: true
|
|
|
|
|
|
|
|
# == Schema Information
|
|
|
|
#
|
|
|
|
# Table name: system_keys
|
|
|
|
#
|
|
|
|
# id :bigint(8) not null, primary key
|
|
|
|
# key :binary
|
|
|
|
# created_at :datetime not null
|
|
|
|
# updated_at :datetime not null
|
|
|
|
#
|
|
|
|
class SystemKey < ApplicationRecord
|
|
|
|
ROTATION_PERIOD = 1.week.freeze
|
|
|
|
|
|
|
|
before_validation :set_key
|
|
|
|
|
2023-02-17 19:30:23 -08:00
|
|
|
scope :expired, ->(now = Time.now.utc) { where(arel_table[:created_at].lt(now - (ROTATION_PERIOD * 3))) }
|
2020-06-02 10:24:53 -07:00
|
|
|
|
|
|
|
class << self
|
|
|
|
def current_key
|
|
|
|
previous_key = order(id: :asc).last
|
|
|
|
|
|
|
|
if previous_key && previous_key.created_at >= ROTATION_PERIOD.ago
|
|
|
|
previous_key.key
|
|
|
|
else
|
|
|
|
create.key
|
|
|
|
end
|
|
|
|
end
|
|
|
|
end
|
|
|
|
|
|
|
|
private
|
|
|
|
|
|
|
|
def set_key
|
|
|
|
return if key.present?
|
|
|
|
|
|
|
|
cipher = OpenSSL::Cipher.new('AES-256-GCM')
|
|
|
|
cipher.encrypt
|
|
|
|
|
|
|
|
self.key = cipher.random_key
|
|
|
|
end
|
|
|
|
end
|