RT 5.0.7 Documentation

RT::AuthToken

NAME

RT::AuthToken - Represents an authentication token for a user

METHODS

Create PARAMHASH

Create takes a hash of values and creates a row in the database. Available keys are:

Owner

The user ID for whom this token will authenticate. If it's not the AuthToken object's CurrentUser, then the AdminUsers permission is required.

Description

A human-readable description of what this token will be used for.

Expires

An optional date for when this token should expire.

Returns a tuple of (status, msg) on failure and (id, msg, authstring) on success. Note that this is the only time the authstring will be directly readable (as it is stored in the database hashed like a password, so use this opportunity to capture it.

CurrentUserCanSee

Returns true if the current user can see the AuthToken

SetOwner

Not permitted

SetToken

Not permitted

Delete

Checks ACL

UpdateLastUsed

Sets the "last used" time, without touching "last updated"

ParseAuthString AUTHSTRING

Class method that takes as input an authstring and provides a tuple of (user id, token) on success, or the empty list on failure.

IsToken

Analogous to "IsPassword" in RT::User, without all of the legacy password forms.

LastUsedObj

"LastUsed" as an RT::Date object.

ExpiresObj

"Expires" as an RT::Date object.

PRIVATE METHODS

Documented for internal use only, do not call these from outside RT::AuthToken itself.

_Set

Checks if the current user can ManageAuthTokens before calling SUPER::_Set.

_Value

Checks "CurrentUserCanSee" before calling SUPER::_Value.

_GenerateToken

Generates an unpredictable auth token

_BuildAuthString

Takes a user id and token and provides an authstring for use in place of a (username, password) combo.

← Back to index