Class: Rack::Tamperproof

Inherits:

Object

• Object
• Rack::Tamperproof

Defined in:

lib/rack-tamperproof.rb

Defined Under Namespace

Classes: Protector

Constant Summary

Tampered =

Class.new(RuntimeError)

Instance Method Summary

• #call(env) ⇒ Object
• #delete_for(name, key = @default_key || raise) ⇒ Object
• #exception_for(name, key = @default_key || raise) ⇒ Object
• #initialize(app, opts = nil, &block) ⇒ Tamperproof constructor

  A new instance of Tamperproof.

Constructor Details

#initialize(app, opts = nil, &block) ⇒ Tamperproof

Returns a new instance of Tamperproof.

# File 'lib/rack-tamperproof.rb', line 78

def initialize(app, opts = nil, &block)
  @app = app
  @default_key = opts && opts[:default_key]
  @protected_cookies = {}
  instance_eval(&block)
end

Instance Method Details

#call(env) ⇒ Object

# File 'lib/rack-tamperproof.rb', line 85

def call(env)
  
  # detect cookies that are supposed to be tamper proof
  
  request = Rack::Request.new(env)
  request.cookies.each do |name, value|
    if @protected_cookies[name]
      @protected_cookies[name].validate(request)
    end
  end
  
  result = @app.call(env)
  response = Rack::Response.new(result[2], result[0], result[1])
  
  cookies = Rack::Utils.parse_query(response['Set-Cookie'], "\n")
  @protected_cookies.each do |name, protector|
    protector.add_secret_to_response(response, cookies)
  end
  response.to_a
end

#delete_for(name, key = @default_key || raise) ⇒ Object

# File 'lib/rack-tamperproof.rb', line 73

def delete_for(name, key = @default_key || raise)
  @protected_cookies[name.to_s] = Protector::DeleteProtector.new(name, key)
end

#exception_for(name, key = @default_key || raise) ⇒ Object

# File 'lib/rack-tamperproof.rb', line 69

def exception_for(name, key = @default_key || raise)
  @protected_cookies[name.to_s] = Protector::ExceptionProtector.new(name, key)
end