Module: ActiveRecord::SignedId
- Extended by:
- ActiveSupport::Concern
- Included in:
- Base
- Defined in:
- activerecord/lib/active_record/signed_id.rb
Overview
Active Record Signed Id
Defined Under Namespace
Modules: ClassMethods
Instance Method Summary collapse
-
#signed_id(expires_in: nil, expires_at: nil, purpose: nil) ⇒ Object
Returns a signed id that’s generated using a preconfigured
ActiveSupport::MessageVerifier
instance.
Methods included from ActiveSupport::Concern
append_features, class_methods, extended, included, prepend_features, prepended
Instance Method Details
#signed_id(expires_in: nil, expires_at: nil, purpose: nil) ⇒ Object
Returns a signed id that’s generated using a preconfigured ActiveSupport::MessageVerifier
instance. This signed id is tamper proof, so it’s safe to send in an email or otherwise share with the outside world. It can furthermore be set to expire (the default is not to expire), and scoped down with a specific purpose. If the expiration date has been exceeded before find_signed
is called, the id won’t find the designated record. If a purpose is set, this too must match.
If you accidentally let a signed id out in the wild that you wish to retract sooner than its expiration date (or maybe you forgot to set an expiration date while meaning to!), you can use the purpose to essentially version the signed_id, like so:
user.signed_id purpose: :v2
And you then change your find_signed
calls to require this new purpose. Any old signed ids that were not created with the purpose will no longer find the record.
112 113 114 115 116 |
# File 'activerecord/lib/active_record/signed_id.rb', line 112 def signed_id(expires_in: nil, expires_at: nil, purpose: nil) raise ArgumentError, "Cannot get a signed_id for a new record" if new_record? self.class.signed_id_verifier.generate id, expires_in: expires_in, expires_at: expires_at, purpose: self.class.combine_signed_id_purposes(purpose) end |