Class: ActiveSupport::MessageVerifier
- Defined in:
- lib/active_support/message_verifier.rb
Overview
MessageVerifier
makes it easy to generate and verify messages which are signed to prevent tampering.
This is useful for cases like remember-me tokens and auto-unsubscribe links where the session store isn’t suitable or available.
Remember Me:
[:remember_me] = @verifier.generate([@user.id, 2.weeks.from_now])
In the authentication filter:
id, time = @verifier.verify([:remember_me])
if time < Time.now
self.current_user = User.find(id)
end
By default it uses Marshal to serialize the message. If you want to use another serialization method, you can set the serializer in the options hash upon initialization:
@verifier = ActiveSupport::MessageVerifier.new('s3Krit', serializer: YAML)
Defined Under Namespace
Classes: InvalidSignature
Instance Method Summary collapse
- #generate(value) ⇒ Object
-
#initialize(secret, options = {}) ⇒ MessageVerifier
constructor
A new instance of MessageVerifier.
- #verify(signed_message) ⇒ Object
Constructor Details
#initialize(secret, options = {}) ⇒ MessageVerifier
Returns a new instance of MessageVerifier.
29 30 31 32 33 |
# File 'lib/active_support/message_verifier.rb', line 29 def initialize(secret, = {}) @secret = secret @digest = [:digest] || 'SHA1' @serializer = [:serializer] || Marshal end |
Instance Method Details
#generate(value) ⇒ Object
51 52 53 54 |
# File 'lib/active_support/message_verifier.rb', line 51 def generate(value) data = ::Base64.strict_encode64(@serializer.dump(value)) "#{data}--#{generate_digest(data)}" end |
#verify(signed_message) ⇒ Object
35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 |
# File 'lib/active_support/message_verifier.rb', line 35 def verify() raise InvalidSignature if .blank? data, digest = .split("--") if data.present? && digest.present? && secure_compare(digest, generate_digest(data)) begin @serializer.load(::Base64.strict_decode64(data)) rescue ArgumentError => argument_error raise InvalidSignature if argument_error. =~ %r{invalid base64} raise end else raise InvalidSignature end end |