Module: ActionDispatch::Cookies::VerifyAndUpgradeLegacySignedMessage

Included in:

UpgradeLegacyEncryptedCookieJar, UpgradeLegacySignedCookieJar

Defined in:

lib/action_dispatch/middleware/cookies.rb

Overview

Passing the ActiveSupport::MessageEncryptor::NullSerializer downstream to the MessageEncryptor,Verifier allows us to handle the (de)serialization step within the cookie jar, which gives us the opportunity to detect and migrate legacy cookies.

Instance Method Summary

• #initialize(*args) ⇒ Object

  :nodoc:.

• #verify_and_upgrade_legacy_signed_message(name, signed_message) ⇒ Object

Instance Method Details

#initialize(*args) ⇒ Object

:nodoc:

# File 'lib/action_dispatch/middleware/cookies.rb', line 250

def initialize(*args)
  super
  @legacy_verifier = ActiveSupport::MessageVerifier.new(request.secret_token, serializer: ActiveSupport::MessageEncryptor::NullSerializer)
end

#verify_and_upgrade_legacy_signed_message(name, signed_message) ⇒ Object

# File 'lib/action_dispatch/middleware/cookies.rb', line 255

def verify_and_upgrade_legacy_signed_message(name, signed_message)
  deserialize(name, @legacy_verifier.verify(signed_message)).tap do |value|
    self[name] = { value: value }
  end
rescue ActiveSupport::MessageVerifier::InvalidSignature
  nil
end