Don't generate new customer view token every time

app/controllers/customers_controller.rb

@@ -134,6 +134,23 @@ class CustomersController < ApplicationController
     end
   end
 
+  # creates new customer view tokens, removes expired tokens & redirects to newly created customer view with new token.
+  def share
+
+    Thread.new do
+      logger.debug "Removing expired customer tokens"
+      CustomerToken.remove_expired_tokens
+      ActiveRecord::Base.connection.close
+    end
+
+    begin
+      issue = Issue.find_by_id(params[:id])
+      redirect_to "#{Redmine::Utils::relative_url_root}/customers/view/#{issue.share_token.token}"
+    rescue
+      render_404
+    end
+  end
+  
   # displays an issue for a customer with a provided security CustomerToken
   def view
 

app/models/customer_token.rb

@@ -11,7 +11,6 @@
 class CustomerToken < ActiveRecord::Base
   unloadable
   has_many :issues
-  #attr_accessible :token, :expires_at, :issue_id
   validates_presence_of :expires_at, :issue_id
   before_create :generate_token
 
@@ -20,4 +19,9 @@ class CustomerToken < ActiveRecord::Base
   def generate_token
     self.token = SecureRandom.base64(15).tr('+/=lIO0', OAUTH_CONSUMER_SECRET)
   end
+
+  def remove_expired_tokens
+    CustomerToken.where("expires_at < ?", Time.now).destroy_all
+  end
+
 end

config/routes.rb

@@ -1,6 +1,6 @@
 #The MIT License (MIT)
 #
-#Copyright (c) 2017 rick barrette
+#Copyright (c) 2022 rick barrette
 #
 #Permission is hereby granted, free of charge, to any person obtaining a copy of this software and associated documentation files (the "Software"), to deal in the Software without restriction, including without limitation the rights to use, copy, modify, merge, publish, distribute, sublicense, and/or sell copies of the Software, and to permit persons to whom the Software is furnished to do so, subject to the following conditions:
 #
@@ -28,6 +28,7 @@ get 'qbo/bill/:id', :to => 'qbo#bill', as: :bill
 
 #customer issue view
 get 'customers/view/:token', :to => 'customers#view', as: :view
+get 'customers/share/:id', :to => 'customers#share', as: :share
 
 #payments
 resources :payments
@@ -48,5 +49,3 @@ end
 
 #allow for just vehicles too
 resources :vehicles
-
-#resources :qbo_estimates

lib/issues_show_hook_listener.rb

@@ -62,7 +62,7 @@ class IssuesShowHookListener < Redmine::Hook::ViewListener
 
   def view_issues_show_description_bottom(context={})
     bill_button = button_to "Bill Time", "#{Redmine::Utils::relative_url_root}/qbo/bill/#{context[:issue].id}", method: :get if User.current.admin?
-    share_button = button_to "Share", "#{Redmine::Utils::relative_url_root}/customers/view/#{context[:issue].share_token.token}", method: :get if User.current.logged?
+    share_button = button_to "Share", "#{Redmine::Utils::relative_url_root}/customers/share/#{context[:issue].id}", method: :get if User.current.logged?
     return "<br/> #{bill_button} #{share_button}"
   end