# -*- encoding : utf-8 -*-
class Token < ActiveRecord::Base
  belongs_to :subject, :polymorphic => true, :touch => true
  belongs_to :creator, :class_name => 'User'
  belongs_to :updater, :class_name => 'User'

  validates :creator_id, :subject_id, :subject_type, :presence => true
  validates :authentication_token, :presence => true, :uniqueness => {:case_sensitive => true}

  default_scope order("#{table_name}.created_at desc")
  scope :by_active, where(:status => 'active')

  before_validation :generate_token, :on => :create

  attr_accessible :description

  state_machine :status, :initial => :active do
    event :block do
      transition [:active, :blocked] => :blocked
    end
  end

  protected

  def generate_token
    self.authentication_token = loop do
      token = SecureRandom.urlsafe_base64(32)
      break token unless Token.where(:authentication_token => token).exists?
    end
  end

end