Module: CSRF

Included in:

ControllerBase

Defined in:

lib/laris/controller/csrf.rb

Instance Method Summary

• #form_authenticity_token ⇒ Object
• #verify_authenticity ⇒ Object

Instance Method Details

#form_authenticity_token ⇒ Object

# File 'lib/laris/controller/csrf.rb', line 2

def form_authenticity_token
  @token ||= SecureRandom.urlsafe_base64
end

#verify_authenticity ⇒ Object

# File 'lib/laris/controller/csrf.rb', line 6

def verify_authenticity
  unless session_auth_token == form_auth_token
    raise "Invalid Authenticity Token"
  end
end