From f89d436aebdca2f4c0719c2dd5007a9597e9e3bc Mon Sep 17 00:00:00 2001 From: Thein Lin Kyaw Date: Wed, 15 Jan 2020 11:28:57 +0630 Subject: [PATCH] update authenticate with app_token --- .../api/authenticate_controller.rb | 2 +- app/models/employee.rb | 27 +++++++++---------- 2 files changed, 13 insertions(+), 16 deletions(-) diff --git a/app/controllers/api/authenticate_controller.rb b/app/controllers/api/authenticate_controller.rb index ec1f4410..69cac0c1 100755 --- a/app/controllers/api/authenticate_controller.rb +++ b/app/controllers/api/authenticate_controller.rb @@ -66,5 +66,5 @@ class Api::AuthenticateController < Api::ApiController params.permit(:emp_id, :password, :session_token) end - + end diff --git a/app/models/employee.rb b/app/models/employee.rb index 9d18c6c6..3081b036 100755 --- a/app/models/employee.rb +++ b/app/models/employee.rb @@ -38,25 +38,22 @@ class Employee < ApplicationRecord end end return nil - end - def self.authenticate_by_token(session_token) - if (session_token) - user = Employee.find_by_token_session(session_token) - expiry_time = login_expiry_time - if user && !user.session_expiry.nil? - if user && user.session_expiry.utc > DateTime.now.utc + def self.authenticate_by_token(token) + if token + if user = Employee.find_by_token_session(token) + expiry_time = login_expiry_time + if user.session_expiry && user.session_expiry.utc > DateTime.now.utc #Extend the login time each time authenticatation take place user.session_expiry = user.session_expiry.utc + expiry_time.minutes user.save return true - else - return false end + elsif user = Employee.find_by_app_token(token) + return true end end - return false end 
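Review bot: The new `elsif user = Employee.find_by_app_token(token)` branch in `authenticate_by_token` returns true on any match with no expiry, role or revocation check, so an `app_token` becomes a non-expiring bearer credential accepted wherever a session token is. The session branch at least bounds lifetime through `session_expiry`; the app token is generated once as `SecureRandom.hex(10)` (80 bits, visible in the next hunk) and appears to be stored and looked up in clear text. Consider scoping the lookup to application accounts, e.g. `elsif Employee.where(role: 'application').exists?(app_token: token)` (assuming the `role` attribute named in the commented-out guard of `generate_app_token`), and storing only a digest of the token so a database read does not disclose usable credentials. Separately, the trailing `return false` was removed, so every failure path now returns `nil`; keep an explicit `false` if any caller compares the result rather than testing truthiness.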
@@ -92,17 +89,17 @@ class Employee < ApplicationRecord return expiry_time end - def generate_app_id + def generate_app_id # return if self.role != 'application' self.app_id = SecureRandom.urlsafe_base64(nil, false) - rescue ActiveRecord::RecordNotUnique - retry + rescue ActiveRecord::RecordNotUnique + retry end def generate_app_token # return if self.role != 'application' self.app_token = SecureRandom.hex(10) - rescue ActiveRecord::RecordNotUnique - retry + rescue ActiveRecord::RecordNotUnique + retry end end