Class: RailsBase::Encryption
- Inherits:
-
Object
- Object
- RailsBase::Encryption
- Extended by:
- ServiceLogging
- Defined in:
- app/services/rails_base/encryption.rb
Constant Summary collapse
- SECRET_NAME =
'encryption_service_verifier'
Class Method Summary collapse
-
.class_name ⇒ Object
for service_logging class override.
-
.decode(value:, purpose:, url_safe: false) ⇒ Object
decoded = Encryption.decode(value: token, purpose: :login).
-
.encode(value:, purpose:, expires_in: nil, expires_at: nil, url_safe: false) ⇒ Object
token = Encryption.encode(value: ‘testing Encryption’, purpose: :login).
-
.rotate_secret ⇒ Object
Encryption.rotate_secret.
Methods included from ServiceLogging
aletered_message, class_name, log, log_prefix, logger, service_id
Class Method Details
.class_name ⇒ Object
for service_logging class override
9 10 11 |
# File 'app/services/rails_base/encryption.rb', line 9 def class_name name end |
.decode(value:, purpose:, url_safe: false) ⇒ Object
decoded = Encryption.decode(value: token, purpose: :login)
35 36 37 38 39 40 41 42 43 44 45 46 47 48 |
# File 'app/services/rails_base/encryption.rb', line 35 def decode(value:, purpose:, url_safe: false) value = CGI.unescape(value) if url_safe params = {} params[:purpose] = purpose if purpose log(level: :info, msg: "Decoding [#{value}] with params #{params}") # TODO: matt-taylor # Check if the message is valid and untampered with # https://api.rubyonrails.org/classes/ActiveSupport/MessageVerifier.html#method-i-valid_message-3F decoded = verifier.verified(value, **params) if decoded.nil? log(level: :warn, msg: "Failed to decode value: value: #{value}, purpose: #{purpose}") end decoded end |
.encode(value:, purpose:, expires_in: nil, expires_at: nil, url_safe: false) ⇒ Object
token = Encryption.encode(value: ‘testing Encryption’, purpose: :login)
13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 |
# File 'app/services/rails_base/encryption.rb', line 13 def encode(value:, purpose:, expires_in: nil, expires_at: nil, url_safe: false) # expires_in = 5.minutes if purpose==:user_id_ajax params = {} params[:purpose] = purpose if purpose params[:expires_at] = expires_at if expires_at # expires_in takes precedence if expires_in params[:expires_in] = expires_in params.delete :expires_at if expires_at end raise "expires_at && expires_in are both nil" if expires_in.nil? && expires_at.nil? log(level: :info, msg: "Encoding [#{value}] with params #{params}") token = verifier.generate(value, **params) token = CGI.escape(token) if url_safe token end |
.rotate_secret ⇒ Object
Encryption.rotate_secret
51 52 53 54 55 56 57 58 |
# File 'app/services/rails_base/encryption.rb', line 51 def rotate_secret if old_secret verifier(force: true).rotate(old_secret) else verifier(force: true) end log(level: :info, msg: "Rotating secret for Encryption") end |