Method: ActiveSupport::MessageVerifier#verify

Defined in:
lib/active_support/message_verifier.rb

#verify(message, **options) ⇒ Object

Decodes the signed message using the MessageVerifier‘s secret.

verifier = ActiveSupport::MessageVerifier.new("secret")
signed_message = verifier.generate("signed message")

verifier.verify(signed_message) # => "signed message"

Raises InvalidSignature if the message was not signed with the same secret or was not Base64-encoded.

other_verifier = ActiveSupport::MessageVerifier.new("different_secret")
other_verifier.verify(signed_message) # => ActiveSupport::MessageVerifier::InvalidSignature

Options

:purpose

The purpose that the message was generated with. If the purpose does not match, verify will raise ActiveSupport::MessageVerifier::InvalidSignature.

message = verifier.generate("hello", purpose: "greeting")
verifier.verify(message, purpose: "greeting") # => "hello"
verifier.verify(message, purpose: "chatting") # => raises InvalidSignature
verifier.verify(message)                      # => raises InvalidSignature

message = verifier.generate("bye")
verifier.verify(message)                      # => "bye"
verifier.verify(message, purpose: "greeting") # => raises InvalidSignature



248
249
250
251
252
253
254
255
256
 
# File 'lib/active_support/message_verifier.rb', line 248

def verify(message, **options)
  catch_and_raise :invalid_message_format, as: InvalidSignature do
    catch_and_raise :invalid_message_serialization do
      catch_and_raise :invalid_message_content, as: InvalidSignature do
        read_message(message, **options)
      end
    end
  end
end