Improve Token

app/models/token.rb

@@ -14,7 +14,8 @@ class Token < ApplicationRecord
   #
   # @!attribute expires
   #   @return [DateTime]
-  #     when the token will expire (and will no longer be usable).
+  #     when the token will expire (and will no longer be usable). May be nil
+  #     for no expiry.
   #
   # @!attribute tokentype
   #   @return [String]
@@ -35,4 +36,29 @@ class Token < ApplicationRecord
   validates :user, presence: true
 
   belongs_to :user
+
+  before_validation :generate_token, if: "self.token.blank?"
+  before_validation :generate_expiry, on: :create
+
+  private
+  def generate_token
+    candidate = nil
+    loop do
+      candidate = SecureRandom::urlsafe_base64 32
+      break candidate unless Token.exists?(token: candidate)
+    end
+    self.token = candidate
+  end
+
+  # Defines the default expiry for the expiring tokens.
+  def generate_expiry
+    case self.tokentype
+    when TYPES[:password_reset]
+      1.days.since
+    when TYPES[:account_confirmation]
+      7.days.since
+    else
+      nil
+    end
+  end
 end