+# Perform api_token checking very early in the request process. We want to do
+# this in the Rack stack instead of in ApplicationController because
+# websockets needs access to authentication but doesn't use any of the rails
+# active dispatch infrastructure.
+require 'db_current_time'
+
class ArvadosApiToken
+ include DbCurrentTime
+
+ # Create a new ArvadosApiToken handler
+ # +app+ The next layer of the Rack stack.
def initialize(app = nil, options = nil)
@app = app if app.respond_to?(:call)
end
def call env
- # first, clean up just in case
+ # First, clean up just in case we have a multithreaded server and thread
+ # local variables are still set from a prior request. Also useful for
+ # tests that call this code to set up the environment.
Thread.current[:api_client_ip_address] = nil
Thread.current[:api_client_authorization] = nil
Thread.current[:api_client_uuid] = nil
params = request.params
remote_ip = env["action_dispatch.remote_ip"]
- Thread.current[:request_starttime] = Time.now
+ Thread.current[:request_starttime] = db_current_time
user = nil
api_client = nil
api_client_auth = nil
Thread.current[:api_client] = api_client
Thread.current[:user] = user
if api_client_auth
- api_client_auth.last_used_at = Time.now
+ api_client_auth.last_used_at = db_current_time
api_client_auth.last_used_by_ip_address = remote_ip.to_s
api_client_auth.save validate: false
end